Feeds

back to article The double-edged sword of virtualisation security

A quick search will provide ample warnings of the risks of adding virtualisation technology to the business IT mix without due care and consideration to security. Whether such risks are inherent in the use of virtualisation technology itself, or arise when standard security practices are not extended to include virtual …

COMMENTS

This topic is closed for new posts.
Anonymous Coward

It is not so much virtualisation

as it is consolidation. The old adage 'Don't keep Your Eggs in One Basket' applies very well here.

If you go Borg, then one virus in the main matrix blows it all. If you then say well I will start putting up Checkpoint Charlies then you move away from consolidation and into autonomous systems anyhow.

Virtualisation is useful for Q&A, namely Testing. But, it is not that useful in consolidation because consolidation by its own nature is a weaknesses, it is simpler to envisage but that doesn't make it better in operation.

0
0
Boffin

We are also still short on standards here

Virtualized and cloud environments certainly changes the security equation, and next step needs to be some agreements among cloud and virtualization providers on best practice security recommendations, or in the case of public cloud services, a security standard that could become part of the GRC (governance risk compliance) process that most enterprise customers have to go through. I'm keeping my eye on blue guy with the X-ray lenses from CSA, the Cloud Security Alliance, for that.

0
0
This topic is closed for new posts.