Virtualisation is often a missed security opportunity

Virtualisation can improve security, but only if it is done correctly, says Rik Ferguson, director of security research at Trend Micro.

Virtualisation can improve security, but only if it is done correctly, says Rik Ferguson, director of security research at Trend Micro.

Improved security can be achieved in virtual environments because security can be abstracted away from big servers, he said: "With virtualisation, security is no longer within what is being protected."

But, in practice, improved security is not necessarily achieved, particularly where virtual and physical servers are viewed as being the same in terms of security, said Ferguson.

"They are fundamentally different," he told Computer Weekly. Protecting data on virtual servers demands an understanding of the technology and how things "hang together," he said.

According to Ferguson, applying traditional security approaches to virtual environments tends to increase system overheads and make it difficult to achieve optimal server consolidation ratios.

"Endpoint protection security products are not designed for virtual environments and put resource contention on every virtual machine," he said.

Businesses may push back against investing in additional technologies that are designed to protect virtual environments.

But, said Ferguson, this should be balanced against the cost savings of improved consolidation ratios, improved performance, and improved security.

Security newsletter

For more security news delivered to your email inbox, sign up for Computer Weekly's security newsletter.

Moving to new technologies that are designed to manage both physical and virtual environments could also enable supplier consolidation.

This could translate into further cost savings through eliminating licensing fees for multiple endpoint security products.

"Savings through server and supplier consolidation could mean that organisations could achieve improved security without increasing current expenditure," said Ferguson.



Read more on Privacy and data protection

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.






  • How do I size a UPS unit?

    Your data center UPS sizing needs are dependent on a variety of factors. Develop configurations and determine the estimated UPS ...

  • How to enhance FTP server security

    If you still use FTP servers in your organization, use IP address whitelists, login restrictions and data encryption -- and just ...

  • 3 ways to approach cloud bursting

    With different cloud bursting techniques and tools from Amazon, Zerto, VMware and Oracle, admins can bolster cloud connections ...