How to Improve Security Posture with Virtualization
Virtualization forces organizations to think differently
by Terry Noonan, Vice President, Products, Shavlik Technologies
The adoption rate of virtual machines has exploded at most organizations, driven by the improved cost-effectiveness of increased server utilization. This has created a boom in individual servers, representing a substantial increase in the number of devices connected to the network, and many organizations do not account for the fact that each one needs to be individually configured, patched and secured. Many may believe that because the requirement for physical devices in an organization is reduced, the operational requirements are reduced as well. Virtual machines have network access and can be hacked, infected and compromised just like a dedicated physical device. They are also more dynamic, coming and going at the whim of the growing number of tech-savvy users. But managed properly, they can actually improve security posture.
Establish Management Practices
Organizations are admitting that they are unaware of exactly how many virtual machines they are operating. They do not have effective management strategies in place to track them, let alone control them individually. Further, virtual machines pose the same risks and are open to the same exploits as their physical counterparts at the endpoint. Unmanaged virtual sprawl can quickly decentralize whatever management practices were in place, allowing various users to create and remove virtual machines before any reasonable governance measures can be put in place. Because of this, industry analysts at Gartner estimate that 60 percent of production virtual machines will be less secure than their physical counterparts. Should this push forward continue without due consideration of the management issues, administrators are at risk of undoing 15 years of investment in strong defenses for their physical systems.
Fully Automate 'Must Do' Tasks
Virtualization forces organizations to think differently and change processes. New servers and applications can appear significantly faster and more easily, often without the authorization and coordination of the security team.
With the increased number of machines to safeguard, security and IT administrators need to aggressively and continuously monitor for new devices, servers and services. An aggressive response will require automating the processes behind vulnerability management, including patch and configuration management. While many have adopted various tools to do this, the result has been semi-automatic, with manual intervention required to deploy, verify and report on much of the activity. The volume of virtual machines added to the network will require a more continuous response that is fully automated and linked at every stage, from detection through remediation to reporting of the action taken for patches, configuration errors and other vulnerabilities. If new tools and security best practices improve automation to align with the management of virtual machines, then virtualization will be more reliable overall.
Take Advantage of Ability to Secure Offline
Many enterprises intentionally keep a significant number of virtual machines offline at given periods to address requirements such as business continuity, or to reduce energy consumption (Green IT), and bring them online only as operational requirements dictate. It is often undesirable, time-consuming and operationally difficult to bring these offline machines online just to configure them to be safe against potential threats. If virtual machines can be managed and secured in their offline state, their window of vulnerability to a particular threat is significantly reduced.
Security is also boosted by the ability to use virtual machines that have been patched offline as back-up for critical systems when a patch requires a system reboot. The common current strategy is to wait for a time when critical systems can be taken down, nervously leaving them operating with the vulnerability until it can be addressed.
Implementing virtualization without proper security increases an organization's vulnerabilities. However, when properly safeguarded through planned, continuous and ongoing processes with automated discovery of new virtual machines even before they come online, vulnerability windows to given threats are reduced, and an organization can actually experience an improved level of security with virtualization.