Seven Data Virtualization Keys
Consider applying seven secrets practiced by your enterprise counterparts to make your own advanced data virtualization projects and architectures successful.
Virtualization remains a hot technology for simplifying IT asset management and for saving money (at least, that's the plan) on energy use and physical facility space. In fact, a presidential memorandum entitled "Disposing of Unneeded Federal Real Estate" cited virtualization as a key technology in stemming the tide of ever-growing government data centers.
Of course, putting numerous systems under a single virtual management panel may save you time, but it also creates one big target for hackers who would like to get at those systems. As always, new technologies bring new security challenges.
The National Institute of Standards and Technology has prepared an overview article, "Full Virtualization Technologies: Guidelines for Secure Implementation and Management," to help government IT pros roll out virtualized systems in a secure fashion. The seven-page PDF, which includes info that's useful to any tech group, is available free to IT Business Edge members here in the IT Downloads library.
The paper also addresses operational efficiencies and management concerns, as well as offering these nuggets of wisdom on securely managing a full virtualization implementation.
Secure all elements of a full virtualization solution and maintain their security. Basically, you need to treat every element of your virtualized environment as though it were running on hardware natively. Patch your virtualized applications and OSes religiously.
Ensure that the hypervisor is properly secured. This sounds easy enough, but your concern about this particular management entry point should extend to shutting off unused services such as the clipboard or file-sharing. Remember, anybody who can reboot the host computer where the hypervisor is running might be able to alter some of the security settings for the hypervisor.
Restrict and protect administrator access to the virtualization solution. Some virtualization products offer multiple ways to manage hypervisors, and you should be sure to secure each management interface, whether locally or remotely accessible. For remote administration, be sure to employ encryption or some other additional security layer.
If you want to dig a little deeper into the security issues facing a fully virtualized environment, be sure to also download the NIST report Guide to Security for Full Virtualization Technologies, also available here in the IT Downloads library. This 35-page PDF goes into much greater detail on installation and management techniques, as well as dolling out interesting tidbits of advice such as disconnecting removable storage use for backup from the hypervisor system.