Study: Virtual Boxes Aren't Locked Up Tight Enough
Virtualization has come to be the hot pick for consolidating and cutting hardware costs. All those machines within machines raise questions about the safety of what's inside, though, and according to a recent study, some are seriously lacking in good answers.
The analysts at Gartner have been pondering virtualization lately, with particular emphasis on how migration affects security. According to their research, that effect is considerable: They estimate that some sixty percent of virtual servers are less secure than the original boxes.
How could such a situation arise? Several ways, it turns out.
Topping the list is poor planning, though not necessarily the way one would think. Many teams, they say, fall victim to the assumption that "nothing has changed" — the new virtualize machine does exactly what the old one did. However, a well-thought-out security strategy that worked on the old machine doesn't necessarily take into account all the elements introduced by the virtualization environment.
Compounding the lack of pre-planning are the actual vulnerabilities themselves. According to Gartner, the virtualization layer should be treated "as the most critical x86 platform in the enterprise data center," keeping it "as thin as possible, while hardening the configuration to unauthorized changes." They go on to note that "Above all, organizations should not rely on host-based security controls to detect a compromise or protect anything running below it."
Gartner also pointed to issues between separate machines running on the same host as key vulnerabilities, particularly where multiple permission layers are involved. Though the company believes only forty percent of machines are currently secure, they estimate that percentage will reach seventy by 2015.
Justin Ryan is a Contributing Editor for Linux Journal.
- Readers' Choice Awards 2013
- IBM Will Minimize Impact of Future Disasters
- New Products
- RSS Feeds
- Sublime Text: One Editor to Rule Them All?
- December 2013 Issue of Linux Journal: Readers' Choice
- Linux Systems Administrator
- Senior Perl Developer
- Technical Support Rep
- Tech Tip: Really Simple HTTP Server with Python
- Reply to comment | Linux Journal
12 hours 33 min ago
- It's Jupiter
13 hours 33 min ago
- GIMP is certainly a graphic
14 hours 35 min ago
- Thanks For Your Sharing
19 hours 21 min ago
- Studying linux, and looking
22 hours 46 min ago
- voting for Best Linux Distribution
1 day 7 hours ago
- tizen vs android
1 day 11 hours ago
- i switch my choice from KDE
1 day 11 hours ago
1 day 14 hours ago
- Belanja Online
1 day 17 hours ago