Virtualisation technology is still immature and could cause
security problems if deployed without adequate controls in place,
says security firm
Sourcefire.
Around 38% of companies are using the technology, according to a
YouGov survey of more than 200 IT directors published in
November.
Server virtualisation, which reduces the need for physical
servers, is becoming increasingly popular because of the
environmental and
cost benefits.
Virtualisation also helps companies to use existing servers to
full capacity by enabling a single server to run multiple operating
systems.
The real threat is that organisations are deploying
virtualisation so quickly that security is often an afterthought,
Martin Roesch, Sourcefire founder and chief technology officer,
told Computer Weekly.
Organisations need to keep track of what virtual machines are
running in their environment, how they are configured and whether
they are up to date with security patches, he said.
Sourcefire and software supplier VMware released
a management tool in September aimed at improving security, but
Roesch said there is still a long way to go to understanding the
full scope of security problems that virtualised environments are
going to bring.
"Virtualisation is still evolving rapidly and [the security
industry] needs to come up with good, pragmatic solutions," he
said.