Virtualisation can improve security, but only if it is done correctly, says Rik Ferguson, director of security...
research at Trend Micro.
Improved security can be achieved in virtual environments because security can be abstracted away from big servers, he said: "With virtualisation, security is no longer within what is being protected."
But, in practice, improved security is not necessarily achieved, particularly where virtual and physical servers are viewed as being the same in terms of security, said Ferguson.
"They are fundamentally different," he told Computer Weekly. Protecting data on virtual servers demands an understanding of the technology and how things "hang together," he said.
According to Ferguson, applying traditional security approaches to virtual environments tends to increase system overheads and make it difficult to achieve optimal server consolidation ratios.
"Endpoint protection security products are not designed for virtual environments and put resource contention on every virtual machine," he said.
Businesses may push back against investing in additional technologies that are designed to protect virtual environments.
But, said Ferguson, this should be balanced against the cost savings of improved consolidation ratios, improved performance, and improved security.
For more security news delivered to your email inbox, sign up for Computer Weekly's security newsletter.
Moving to new technologies that are designed to manage both physical and virtual environments could also enable supplier consolidation.
This could translate into further cost savings through eliminating licensing fees for multiple endpoint security products.
"Savings through server and supplier consolidation could mean that organisations could achieve improved security without increasing current expenditure," said Ferguson.