Let your private cloud escape from the security shadow

Virtualized environments may be cheaper, have lower carbon emissions, and create "virtual machines" quickly, but without real edges, it is difficult to secure them.

Softtek is one of the leading IT service providers in Latin America and a pioneer in the global nearshore industry. "Over the past few months, we have talked to the chief information security officer of Fortune 50 companies, and we have noticed an increase in the demand for tools that are safe for virtualized environments," said Leo Navarro, the company's project manager and business director. There are many companies that have deployed server virtualization and Desktop virtualization solutions. However, once they do, they have to rethink the overall security policy for the virtualized environment. ”

Navarro predicts that this will happen in 2012 years: Many companies will invest in enterprise anti-virus kits that simplify the update process, data Loss Prevention (DLP) tools to monitor data flows, two-factor authentication mechanisms to protect virtual servers and virtual desktop access, Tools to speed up the process of user resource configuration and data encryption tools.

"Many analysts say security is the first major hurdle for users to adopt cloud computing, and security issues weaken the benefits of cloud computing," said Rod Sapp, vice president of Tcis products and technology at Unisys, a multinational IT company. In a multi-tiered environment of shared infrastructure, many companies often build private clouds in one corner, so they are not at risk. But the problem with forcing cloud computing projects back into a corner of the data center is that you're weakening the fundamental benefits of cloud computing, which is improving infrastructure utilization and cost-effectiveness. ”

Evaluate what needs to be done

Emmanuel Carabott, security research manager at GFI Software, said: "Security in virtualized environments can be divided into two broad categories: the security of the guest operating system, which requires the same security methods as the non-virtual machine environment, and the security of the virtual environment infrastructure." The virtualization solution contains several management tools that can manage hosts and visitors, and specific security issues need to be considered for each of these management tools. ”

The first thing a company has to do is identify how much risk it faces.

Carabott added: "From a virtualization perspective, several key security issues are the unauthorized access of an individual to virtual environment management tools, hijacking of virtual machines and/or random access to virtual machines, and the disruption of change management systems used in the enterprise." Each of these security issues requires a professional solution from the firewall to the security scanner. ”

Companies have introduced cost-cutting measures, coupled with a more flexible approach to work, which is more needed to secure virtualized environments. Navarro said: "More companies may consider implementing the ' bring their own equipment ' (BYOD) program so that their employees can choose the equipment they use to work." These programs require companies to support the normal operation of a variety of devices, to ensure that their virtual environment is secure, and then to extend core applications to mobile devices. ”

Challenges posed by virtual machines

Whether or not your company allows employees to connect their devices to the corporate network, network professionals must beware of the challenges of ensuring the security of virtual environments. "In theory, ensuring security for virtualized environments is as easy as securing the physical environment," Carabott said. In practice, however, this is not always the case because virtualized environments are easy to create, and it is not unheard of for employees to build virtualized environments on their own machines, instead of requiring additional physical machines or applying them through appropriate channels. ”

This makes network administrators have a headache. If the virtual environment is not centralized control, then even the most basic security measures in place can not be guaranteed.

Carabott added: "If an employee is not concerned about security, think that even if the virtual machine is compromised or crashes, it will be even worse if a clean copy is restored." Unfortunately, the idea is problematic because the employee does not realize that if the virtual machine is compromised, it could become a springboard in the hands of the outlaws and be able to attack the enterprise's infrastructure more deeply. ”

Security practices

Despite the challenges, it is possible to ensure that virtualized environments are secure.

"At Sapp, we use Unisys security solutions to encrypt and crack bits of information from endpoint to Datacenter (bit-splitting) in a secure multi-tenant environment," said Mr Li. This eliminates the possibility of others accessing your infrastructure and data. ”

With the support of the government industry, the company has just begun to invest in the business sector. Sapp that companies can now take more measures to ensure that the virtualized environment is safe and user-friendly. "We are integrating a high level of security with resource configuration and automation tools for virtualized environments and cloud computing." ”

No matter how difficult it seems to be to ensure the security of virtualized environments, the worst thing is to do nothing. Each environment requires enhanced security, whether it is a virtualized environment or not. To be blunt, the key is to find the right level of security and the right tools for your network's risks.

(Responsible editor: Liu Fen)