Study: Virtual Boxes Aren't Locked Up Tight Enough
Virtualization has come to be the hot pick for consolidating and cutting hardware costs. All those machines within machines raise questions about the safety of what's inside, though, and according to a recent study, some are seriously lacking in good answers.
The analysts at Gartner have been pondering virtualization lately, with particular emphasis on how migration affects security. According to their research, that effect is considerable: They estimate that some sixty percent of virtual servers are less secure than the original boxes.
How could such a situation arise? Several ways, it turns out.
Topping the list is poor planning, though not necessarily the way one would think. Many teams, they say, fall victim to the assumption that "nothing has changed" — the new virtualize machine does exactly what the old one did. However, a well-thought-out security strategy that worked on the old machine doesn't necessarily take into account all the elements introduced by the virtualization environment.
Compounding the lack of pre-planning are the actual vulnerabilities themselves. According to Gartner, the virtualization layer should be treated "as the most critical x86 platform in the enterprise data center," keeping it "as thin as possible, while hardening the configuration to unauthorized changes." They go on to note that "Above all, organizations should not rely on host-based security controls to detect a compromise or protect anything running below it."
Gartner also pointed to issues between separate machines running on the same host as key vulnerabilities, particularly where multiple permission layers are involved. Though the company believes only forty percent of machines are currently secure, they estimate that percentage will reach seventy by 2015.
Justin Ryan is a Contributing Editor for Linux Journal.
|Chemistry on the Desktop||Mar 23, 2017|
|Five HPC Cost Considerations to Maximize ROI||Mar 23, 2017|
|Two Ways GDPR Will Change Your Data Storage Solution||Mar 22, 2017|
|Android Candy: That App Is for the Birds!||Mar 22, 2017|
|Hodge Podge||Mar 21, 2017|
|William Rothwell and Nick Garner's Certified Ethical Hacker Complete Video Course (Pearson IT Certification)||Mar 20, 2017|
- Chemistry on the Desktop
- Five HPC Cost Considerations to Maximize ROI
- Preseeding Full Disk Encryption
- William Rothwell and Nick Garner's Certified Ethical Hacker Complete Video Course (Pearson IT Certification)
- Hodge Podge
- Two Ways GDPR Will Change Your Data Storage Solution
- Two Factors Are Better Than One
- GRUB Boot from ISO
- Minifree Ltd.'s GNU+Linux Computers
- Flash ROMs with a Raspberry Pi