Gartner: Top Virtualization Security Risks and How to Combat Them
March 16, 2010 – Sixty percent of virtualized servers will be less secure than the physical servers they replace through 2012, according to market research firm Gartner Inc.
That decreased server security topped Gartner's list of the six most common virtualization security risks, published together with the firm's recommendations for combating them.
Virtualization is not inherently insecure, according to Neil MacDonald, vice president and Gartner fellow. The problem is that most virtualized workloads are deployed insecurely – a result of immature tools, processes and limited training for staff, resellers and consultants.
While that security disparity between virtualized and physical servers is expected to decrease to 30 percent by 2015, analysts warn that the large amount of virtualization deployment taking place without a security team in the initial architecture or planning stages is one cause of virtualization risk.
In fact, survey data from Gartner conferences in late 2009 indicates that about 40 percent of virtualization deployment projects were undertaken without a team at those stages.
The number of virtualization projects planned for 2010 is increasing substantially, and virtualization sits at the top of CIO priorities for this year. While only 18 percent of enterprise data center workloads that could be virtualized were virtualized by the end of 2009, that figure is expected to grow to almost 50 percent by the close of 2012, and that growth makes addressing the risks critical.
For starters, the virtualization layer, like any human-constructed software layer, will contain vulnerabilities, and attackers are all too familiar with the privileged position that the hypervisor/VMM holds in the stack, according to Gartner.
Priority should be given to patching that layer and to following configuration guidelines; analysts recommend treating the virtualization layer as the most critical platform in the enterprise data center and keeping it as thin as possible. Above all, the firm stated, organizations should not rely on host-based security controls running inside a guest to detect a compromise of, or to protect, anything running below it.
Additional problems include the lack of visibility and control of internal virtual networks for VM-to-VM communication; a lack of adequate separation of sensitive workloads on a single physical server; a lack of adequate controls on administrative access to the hypervisor/VMM layer; and potential loss of separation of duties for network and security controls.
To combat these challenges, Gartner recommends that organizations favor security vendors whose products span physical and virtual environments; require the same separation for virtual networks that is required for physical networks today, favoring virtualization platform architectures that support replaceable switch code; and select virtualization platforms that support role-based access control of administrative responsibilities, so that who can do what within the virtual environment can be refined.
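The recommendations in the two preceding passages (patch the hypervisor layer; separate sensitive workloads; gain visibility into VM-to-VM traffic; restrict and separate administrative roles) can be turned into an inventory audit. The script below is an added example, not code from Gartner or from any virtualization vendor: the inventory format, the sensitivity tiers, the role names, the build numbers and the hosts, VMs and administrators are all constructed for illustration. It groups VMs by host and flags co-resident workloads whose sensitivity tiers differ by more than a configurable gap, flags virtual switches that carry traffic between two or more VMs without a monitoring point, flags administrators holding unrestricted hypervisor rights or both network and security roles, and flags hosts below a required patch build.

```python
"""Audit a (constructed) virtualization inventory against the risks above.
Added example; data model and names are assumptions, not a vendor API."""
from collections import defaultdict
from dataclasses import dataclass
from typing import Dict, List

# Sensitivity tiers in increasing order; assumed labels, not a standard.
SENSITIVITY_RANK = {"public": 0, "internal": 1, "confidential": 2, "restricted": 3}
NETWORK_ROLES = {"vnetwork_admin"}          # hypothetical role names
SECURITY_ROLES = {"security_admin"}
FULL_ADMIN_ROLES = {"root", "full_admin"}   # unrestricted hypervisor rights
REQUIRED_BUILD = 200                        # assumed minimum patched hypervisor build


@dataclass(frozen=True)
class VM:
    name: str
    host: str
    sensitivity: str
    vswitch: str


@dataclass(frozen=True)
class VSwitch:
    name: str
    monitored: bool   # True if a monitoring point sees this switch's traffic


@dataclass(frozen=True)
class Admin:
    user: str
    roles: frozenset


def check_workload_separation(vms: List[VM], max_gap: int = 1) -> List[str]:
    """Flag hosts whose co-resident workloads span more than max_gap tiers."""
    by_host: Dict[str, List[VM]] = defaultdict(list)
    for vm in vms:
        by_host[vm.host].append(vm)
    findings = []
    for host, hosted in sorted(by_host.items()):
        ranks = {vm.name: SENSITIVITY_RANK[vm.sensitivity] for vm in hosted}
        lo, hi = min(ranks, key=ranks.get), max(ranks, key=ranks.get)
        if ranks[hi] - ranks[lo] > max_gap:
            findings.append(f"{host}: {hi} (rank {ranks[hi]}) shares a host with "
                            f"{lo} (rank {ranks[lo]})")
    return findings


def check_vm_to_vm_visibility(vms: List[VM], switches: Dict[str, VSwitch]) -> List[str]:
    """Flag switches carrying VM-to-VM traffic that no monitoring point sees."""
    by_switch: Dict[str, List[str]] = defaultdict(list)
    for vm in vms:
        by_switch[vm.vswitch].append(vm.name)
    findings = []
    for name, members in sorted(by_switch.items()):
        sw = switches.get(name)
        if len(members) >= 2 and (sw is None or not sw.monitored):
            findings.append(f"{name}: VM-to-VM traffic between "
                            f"{', '.join(sorted(members))} is not monitored")
    return findings


def check_admin_roles(admins: List[Admin]) -> List[str]:
    """Flag unrestricted hypervisor admins and network/security role overlap."""
    findings = []
    for a in admins:
        if a.roles & FULL_ADMIN_ROLES:
            findings.append(f"{a.user}: unrestricted hypervisor role "
                            f"{sorted(a.roles & FULL_ADMIN_ROLES)}")
        elif a.roles & NETWORK_ROLES and a.roles & SECURITY_ROLES:
            findings.append(f"{a.user}: holds both network and security roles "
                            "(separation of duties lost)")
    return findings


def check_patch_level(host_builds: Dict[str, int]) -> List[str]:
    """Flag hypervisor hosts running a build older than REQUIRED_BUILD."""
    return [f"{h}: build {b} is below required build {REQUIRED_BUILD}"
            for h, b in sorted(host_builds.items()) if b < REQUIRED_BUILD]


def audit(vms, switches, admins, host_builds) -> Dict[str, List[str]]:
    return {"separation": check_workload_separation(vms),
            "visibility": check_vm_to_vm_visibility(vms, switches),
            "rbac": check_admin_roles(admins),
            "patching": check_patch_level(host_builds)}


# Constructed sample inventory (not real systems).
SAMPLE_VMS = [
    VM("web01", "esx-a", "public", "vs-dmz"),
    VM("web02", "esx-a", "public", "vs-dmz"),
    VM("db01", "esx-a", "restricted", "vs-db"),      # restricted beside public: flagged
    VM("app01", "esx-b", "confidential", "vs-app"),
    VM("app02", "esx-b", "restricted", "vs-app"),     # one tier apart: allowed
    VM("file01", "esx-c", "internal", "vs-corp"),
]
SAMPLE_SWITCHES = {
    "vs-dmz": VSwitch("vs-dmz", monitored=False),   # two VMs, unmonitored: flagged
    "vs-db": VSwitch("vs-db", monitored=False),     # single VM: no VM-to-VM traffic
    "vs-app": VSwitch("vs-app", monitored=True),
    "vs-corp": VSwitch("vs-corp", monitored=False),
}
SAMPLE_ADMINS = [
    Admin("alice", frozenset({"vnetwork_admin"})),
    Admin("bob", frozenset({"vnetwork_admin", "security_admin"})),  # flagged
    Admin("carol", frozenset({"root"})),                             # flagged
    Admin("dave", frozenset({"vm_operator"})),
]
SAMPLE_BUILDS = {"esx-a": 215, "esx-b": 180, "esx-c": 200}          # esx-b flagged

if __name__ == "__main__":
    for area, items in audit(SAMPLE_VMS, SAMPLE_SWITCHES, SAMPLE_ADMINS, SAMPLE_BUILDS).items():
        print(f"{area}: {'OK' if not items else ''}")
        for f in items:
            print("  -", f)
```

The tier gap, role names and build threshold are policy inputs; the point of the script is that each of the risks named above becomes a mechanical check that can be run against the inventory before a workload is placed, rather than something discovered after the virtualization project has already been deployed without the security team.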