Helping clients manage their technology for over 30 years.

Security holes that’ll keep you up at night: Insecure virtual machine deployment

Vulnerabilities of Virtualization

Rare is the information technology professional these days who doesn’t understand the prodigious efficiencies and savings that can be derived from virtualization. Yet, too often virtual machines are deployed insecurely. One Gartner analyst has estimated that 60% of virtualized servers will be less secure than the physical servers they replace.

That’s because too often virtualization projects tend to be developed and deployed without considering security. This can result in vulnerabilities that enable bad guys to compromise the hypervisor/ virtualization layer (e.g., DoS attacks), which can spread to all hosted workloads.

Vulnerabilities also occur…

  • If virtualized workloads with different trust levels are not sufficiently separated when they’re consolidated onto a single physical server,
  • If administrative access to the hypervisor layer and to administrative tools is not adequately controlled,
  • Or if network and security controls are not sufficiently separated.

Software Development Security

Here’s what you can do about it:

  • Secure your hypervisors
  • Treat virtual servers like another access layer to your network
  • Monitor and manage your virtual switches
  • Implement VM trust zones based on workload-aware security policies
  • Deploy your VMs with a secure virtualization framework/architecture

The 2011 (ISC)2 Global Information Security Workforce Study, Frost & Sullivan

Leave a Reply