Click here to receive your FREE subscription to Campus Technology
News
Surveys Raise Doubts on Virtualization Security
10/10/2008
Migration to virtualization won't be the quick transition that some technology evangelists have predicted, according to recent surveys by two IT security companies. Nor is virtualization as secure as many might want it to be.
Virtualization security appeared to be a doubtful matter for nearly half of respondents in a survey released on Monday by San Francisco-based network security firm nCircle Inc.
In that survey, 47 percent of the study's more than 200 respondents said they didn't think the security methodologies around current virtualization programs were sound at all. Another seven percent of respondents ranked virtualization security in the "maybe/ depends" category.
"Security professionals are generally and rightfully always somewhat skeptical about new technologies," said nCircle's Director of Security Operations Andrew Storms. "I think seasoned veterans understand that technology can be both an enabler and a hindrance to solving any problem, security not excluded. How, when, where and why technologies are introduced to solve a problem is what matters most."
The jury is still out on virtualization security, which accounts for the split results found in nCircle's poll, Storms said.
The need for virtualization is clear. It's easier to roll out a new virtual guest system than it is to go into a room and push out a physical server. Moreover, a second survey, published this week by St. Paul, Minn.-based Shavlik Technologies, found that virtual machines are quickly becoming a fixture in many organizations.
Shavlik's survey polled VMworld 2008 conference attendees in a sample of nearly 300 IT, virtualization and security specialists. The survey found that security lagged despite virtualization rollouts. More than 80 percent of IT managers rated securing these virtual machines as "very important to critical," but only 35 percent had actually secured them, Shavlik's study found.
"Companies recognize the benefits of virtualization but are slower at implementing the security measures needed to protect their available information assets," said Chris Schwartzbauer, Shavlik's vice president of worldwide field operations.
While that's a problem now, virtualization offers some benefits.
"Increased investment in automating and simplifying the elements of securing virtual machines represents a significant challenge, but also an opportunity for companies to increase operational efficiencies and reduce the total cost of managing the security of virtual systems," Schwartzbauer explained.
Virtualization marks a shift in thinking, as described in a landmark speech by VMware's President and CEO Paul Maritz. He said the IT infrastructure should be treated as "a single giant computer on which applications can be provisioned in a more manageable, scalable way."
Recommended Reading
- Moodle Gets SCORM Improvements, Security Fixes
New versions of Moodle have been released, bringing the most recent stable build to 1.9.3. The latest round of updates includes a number of bug fixes and security enhancements, as well as improvements to the SCORM module.
- Free 'Morro' Antivirus To Replace Microsoft OneCare
Microsoft is rolling out a free antivirus software program for consumers that will compete with products made by Symantec and McAfee. Code-named "Morro," the AV app is expected to be available by the end of 2009.
- Microsoft Demos New SQL Server Features at PASS
Microsoft Wednesday previewed the ability to centrally manage applications and resources in the planned upgrade of SQL Server, code-named "Kilimanjaro."
- Microsoft Unveils Exchange and SharePoint as Services
Microsoft exec Stephen Elop on Monday announced two hosted solutions from Microsoft--Exchange Online and SharePoint Online--which are now available to organizations of all sizes in the United States. The software, paid for by annual subscriptions, is hosted on Microsoft's servers and supported by Microsoft's channel partners.
- 6 Ways Not To Become Rote Using Instructional Technology
There are, in my experience, six strategies to consider with any use of technology that will guard against rote use of technology and facilitate critical analysis of teaching and learning effectiveness. In this article, I'll share with you the checklist I work with and encourage others to work with in learning about and using new technology.
- Bringing Student Web "Stuff" to Campus Enterprise Systems
How can an institution incorporate Web 2.0 learning opportunities for students, and evidence of learning from those opportunities, into existing campus technologies and processes? PlugJam is providing part of the answer.
