The growth of virtualization is a hot topic these days, including at IT Business Edge. Arthur Cole presents his top 10 benefits for virtualization in enterprise. Mike Vizard talks about hybrid client virtualization. These are just two examples of the obvious upside to virtualization.
However, there are security concerns. Larry Barrett, writing for ServerWatch.com, reported on a CDW report that found that though 90 percent of companies surveyed are using virtualized servers, not everyone trusts their security:
62 percent confessed that despite all the well-documented benefits of virtualization -- particularly the reduction in energy consumption, the ease of configuring and managing servers and the freeing of cash to pursue other IT projects -- they still have a ton of applications that they don't feel comfortable running on virtual servers because of the criticality of the data and applications' functions.
That 62 percent may be on to something. A recent Gartner report stated that, over the next couple of years, 60 percent of virtual servers will be less secure than their physical counterparts.
As more workloads are virtualized, as workloads of different trust levels are combined and as virtualized workloads become more mobile, the security issues associated with virtualization become more critical to address.
Gartner listed the top six security risks:
Gartner also provided solutions for each risk, but I think this said it best:
Security professionals need to realize that risk that isn't acknowledged and communicated cannot be managed. They should start by looking at extending their security processes, rather than buying more security, to address security in virtualized data centers.