Page 31 - Cyber Warnings
P. 31
Cybersecurity: Best Practices for Virtualization
The importance of datacenter security continues to grow with the recent trend of high-profile
security breaches, advanced persistent threats, and the rapid release of new malware, which is
happening literally every minute. With the additional increase in cyber-terrorism attacks that are
specifically targeting virtualized infrastructures, all businesses should take a proactive approach to
protect their assets.
A recent Cisco Global Cloud Index estimates that 86 percent of workloads will be processed by
cloud (virtualized) datacenters by 2019. Datacenter security was always an important aspect of
operating a successful IT department, but now due to astounding growth in both virtualization and
cyber-crimes, it should be one of the first considerations for all organizations.
Security for virtualization needs to be treated differently than traditional endpoint protection because
virtualized environments are dynamic. In the past, conventional datacenters had a number of static
servers which were not changed very often, and usually running below capacity, so installing a
resource-intensive security agent on each computer was feasible. However virtualized datacenters
are agile and flexible, with new virtual machines (VMs) regularly being created and destroyed,
especially with virtualized desktop (VDI) deployments.
Virtualization provides numerous benefits around flexibility and high-availability, yet introduces new
challenges to maintain a secure and compliant environment. These exist because virtualization
often adds additional layers of software between applications, which increases complexity. Virtual
machines are constantly changing, they can be cloned from a library of VMs that have been offline
and unpatched for several months, or even deployed by an end user to a cloud without the
administrator’s involvement.
A virtual machine, when sufficiently protected, does have the power to make a virtualized server
more secure than its physical counterpart. The key advantage of virtualization security is that
datacenter administrators can centralize and scale security management through proactive security
approach that can meet key industry compliance and regulation requirements.
How to Plan for Virtual Security
How you think about virtual security is as important as the components you protect in your
environment. A proactive mindset is vital for any company to survive a targeted attack. Responsive
organizations will fail if they only revisit and update their security policies after an attack has been
discovered, and usually by that time they have lost data, credibility or customers. Businesses must
accept the fact that malware is probably already inside their organization. This may sound
shocking, but it is the reality facing many companies today. Success in protecting your organization
from security vulnerabilities will demand new ways of problem solving, consistent monitoring, and
preemptive actions to keep up with the ever-changing threats.
Organizations must continue to maintain traditional security best practices, such as physical
protection, perimeter networks, identity and password management, and antivirus, but now they
31 Cyber Warnings E-Magazine – January 2016 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide
