Our website uses cookies

Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing Infosecurity Magazine, you agree to our use of cookies.

Okay, I understand Learn more

It's the lack of understanding of virtualization that makes security an issue

A new study from Kaspersky Lab confirms it's a lack of knowledge about virtualization that leads to fear for its security
A new study from Kaspersky Lab confirms it's a lack of knowledge about virtualization that leads to fear for its security

At the end of March 2012, Crossbeam Systems published a study showing that 94% of IT personnel identify network security as the main cause for stalled next-generation data center (NGDC) deployments. The central plank of a next-generation data center (NGDC) is virtualization. Now a new study from Kaspersky specifically ties the fear about security to a general lack of understanding about virtualization itself.

According to Kaspersky, 81% of UK firms say that their virtual environments are business critical; but at the same time, 41% say that their knowledge or experience of virtual IT is ‘just enough’ or simply ‘basic’. This has led to a less than traditional IT kludge: an inelegant, clumsy, inefficient workaround that in this case doesn't really do the job. The study shows that 18% of companies have simply patched virtual IT security onto their existing physical IT protection policy; while 45% have introduced a separate security policy just for virtual IT.

The result, says Kaspersky, increases both risk and management complexity, and delays the return on investment (RoI) for the virtualization project.

“Virtualization," explains Peter Beardmore, senior director of products and services for Kaspersky, "is a vitally important and transformational technology that offers many business benefits, including enhanced IT efficiency. However it requires customers to think differently about how to secure IT from potential cybercrime and malicious attacks."

Kaspersky's proposed solution is a new product that integrates with VMware's vShield EndPoint Security to automatically detect, scan, protect and update every virtual machine on the network, whether that's a data center, server or desktop. This approach, says Jonathan Gohstand of VMware, "helps IT departments implement security where it needs to be – right at the centre of the IT infrastructure, rather than added on as an afterthought."