Related Links

Top 5 Stories


It's the lack of understanding of virtualization that makes security an issue

26 April 2012

A new study from Kaspersky Lab confirms an earlier one from Crossbeam Systems: it's a lack of knowledge about virtualization that leads to fear for its security.

At the end of March 2012, Crossbeam Systems published a study showing that 94% of IT personnel identify network security as the main cause for stalled next-generation data center (NGDC) deployments. The central plank of a next-generation data center (NGDC) is virtualization. Now a new study from Kaspersky specifically ties the fear about security to a general lack of understanding about virtualization itself.

According to Kaspersky, 81% of UK firms say that their virtual environments are business critical; but at the same time, 41% say that their knowledge or experience of virtual IT is ‘just enough’ or simply ‘basic’. This has led to a less than traditional IT kludge: an inelegant, clumsy, inefficient workaround that in this case doesn't really do the job. The study shows that 18% of companies have simply patched virtual IT security onto their existing physical IT protection policy; while 45% have introduced a separate security policy just for virtual IT.

The result, says Kaspersky, increases both risk and management complexity, and delays the return on investment (RoI) for the virtualization project.

“Virtualization," explains Peter Beardmore, senior director of products and services for Kaspersky, "is a vitally important and transformational technology that offers many business benefits, including enhanced IT efficiency. However it requires customers to think differently about how to secure IT from potential cybercrime and malicious attacks."

Kaspersky's proposed solution is a new product that integrates with VMware's vShield EndPoint Security to automatically detect, scan, protect and update every virtual machine on the network, whether that's a data center, server or desktop. This approach, says Jonathan Gohstand of VMware, "helps IT departments implement security where it needs to be – right at the centre of the IT infrastructure, rather than added on as an afterthought."

This article is featured in:
Cloud Computing  •  Internet and Network Security  •  Malware and Hardware Security


Comment on this article

You must be registered and logged in to leave a comment about this article.

We use cookies to operate this website and to improve its usability. Full details of what cookies are, why we use them and how you can manage them can be found by reading our Privacy & Cookies page. Please note that by using this site you are consenting to the use of cookies. ×