Securing the Virtualized Environment

By the DynaSis Team

In last week’s article, we briefly mentioned virtualization in the context of our discussion on disaster recovery. For those unfamiliar with the concept, virtualization involves portioning one or more physical servers into multiple virtual machines (VMs), each of which can have its own file store, overall purpose and operating system and be isolated from the others. (Think of a VM as a sophisticated version of a partition, e.g. the C: or D: drive, on a PC.)

Virtualization greatly enhances operating efficiency and can provide a much more secure environment than a traditional server setup. Because each machine is discrete, with virtualization it can be easier to segregate and protect data of all types.

However, virtualization also increases security challenges, because there are more machines to manage―and potentially more ways for a cybercriminal to find his way in. This week, we’ll talk about a few challenges that business owners face in protecting their data in virtual environments.

1. Sprawl: The ease of creating VMs is leading to sprawl― much like a suburb that blossoms because land is inexpensive and home building practices are more efficient. This potential for expansion makes effective management and security a greater challenge, especially if “tech-savvy” users can access systems and create their own VMs.
2. Density: Current technologies enable a few physical servers to handle a very large load of virtualized servers, but firms focused on efficiency often virtualize those servers to maximum capacity. If not properly configured, these servers may lack the capacity for IT management functions, including security.
3. Big Data: Compounding this issue, the explosion of data―and the need to save so much of it to a permanent storage location―is causing data stores to explode, with multi-terabyte data stores not unusual. Keeping tabs on―and ensuring appropriate security for―this much data is a daunting task.
4. Application Integration: With the increase in virtualized applications, companies are challenged to provide the same level of protection and security that they could on a physical server.
5. Granular Recovery: In the early days of virtualization, the traditional backup recovery approach was to remount an entire machine from the backup. In today’s environment, companies want file or object-level restores, but the security challenges of controlling such selective access and retrieve operations are considerable.

Fortunately, an appropriate combination of automated monitoring and hands-on management makes it much easier to ensure visibility, management and security of VMs. DynaSis has spent nearly three decades perfecting its approach to managing and securing IT systems at all levels, from mobile devices to servers, including virtualized environments.