Our website uses cookies

Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing Infosecurity Magazine, you agree to our use of cookies.

Okay, I understand Learn more

You Wouldn't Re-Use a Needle, So Why Re-Use a Computer?

Imagine you’re in a hospital room and the nurse walks in and says: “We need to draw some blood, but needles have really gone up in price lately. Even though I used this needle on a previous patient, do you mind if we re-use it on you?” You’d likely run out of that hospital as fast as your legs could carry you.

We take for granted things that are disposable – whether it’s a needle, plastic gloves or even a bandage, but let’s pretend for a moment there was a shortage and some disposable items had to be re-used; we would likely have a very strong, even visceral, reaction. 

When it comes to our health, using disposable items makes perfect sense; particularly when we look at the three factors of cost, convenience, and risk, which come into consideration with such a decision. The cost of needles is low, and it’s only slightly inconvenient for doctors and nurses to have to remove each new needle from its packaging. However, the risk of infection, pain, suffering, and even death caused by re-using needles, far outweighs the cost and slight annoyance of using disposable items. So, of course, we use them to keep ourselves in better health.

Disposable computing
Now let’s apply this principle to computers; re-use is rampant, and infection all too often leads to massive data hemorrhages, embarrassing and costly public disclosures, and even job losses. The WannaCry ransomware attack that left multiple computers within the NHS paralyzed, and spread like an infectious disease across more than 40 NHS organizations, was a clear signal that systems can be exposed to viruses in an instant. I think most security professionals would agree the risk is high. 

Yet every single day, each one of us re-uses the same computer. We visit websites, open email attachments, download documents, and plug in USB devices – all on the same device – seemingly oblivious to the potential threat of infection without even washing our virtual hands. Despite the widely publicized risk, we still re-use equipment, thus, we see data breaches grow larger and occur more frequently.

Yet, there are obvious implications to cost and convenience if we were to use a brand new machine for every task we carry out – it simply isn’t practical. But, if you could bring the cost and inconvenience of disposable computing down to a miniscule amount, the massive reduction in the risk of infection would make it worth it; we could effectively rid ourselves of the woes of cyber-attacks.

Eliminate risk, reduce cost and limit inconvenience
The ideal scenario would be to create a vaccine against cyber-attacks, an inoculation or solution that would be inexpensive, invulnerable and easy to use. To stop the cycle of re-use there’s a growing trend towards micro-virtualization. By using this technique, you are essentially able to create a new computer for each task, on the same machine. As for cost and convenience, the only expenditure would be on the CPU and the power costs of running this software on a desktop or laptop.

Over the course of a year, it’s likely it wouldn’t even amount to a single pound in additional cost to a company per machine. 

Furthermore, the time taken for each machine to boot up is negligible and can be measured in milliseconds. When a user clicks on a website or file, a new micro-virtual machine (micro-VM) is instantiated in milliseconds. When a user browses to a different website or closes the file they were working on, the used micro-VM is destroyed, also in milliseconds. This is the most important point. When the machine is destroyed, so is any potential threat that was lurking within it; eliminating the risk of opening an email that may have been sent by a hacker, or visiting a website that may be loaded with malware.

Immunization through virtualization
In general, we don’t fear infectious diseases that have resulted from re-used needles. By deploying the same logical approach to the health of a company’s computer systems, we can rid ourselves of fear from cyber-infection.

Through micro-virtualization, users are freed from unnecessary restrictions and ineffective training. They are able to carry out the vital tasks their jobs require without fear of bringing down the business. You don’t use the same needles, so why persist with the same machine? I invite you to the age of Disposable Computing.

What’s Hot on Infosecurity Magazine?