The virtues of virtualisation and cloud computing will figure in most enterprise IT infrastructure discussions during 2010. Virtualisation has already proven its worth in delivering cost savings through server consolidation and better use of resources. Greater use of the technology across server infrastructures, in other areas of the IT stack, and at the desktop is widely anticipated. The uptake of Software-as-a-Service applications such as salesforce.com, and the success of IT service outsourcing demonstrate how centralised remote computing approaches can also provide more efficient ways to deliver technology resources to users, helping cloud computing to gain greater buy-in from corporate decision-makers. But as the industry moves towards a new IT infrastructure play, what are the implications on IT security?
Why should security professionals be concerned? According to research from Gartner, around 16 per cent of all servers within enterprise IT environments are now virtualised, and the firm expects this to increase to around 50 per cent by 2012. The market leader in this space, VMware, now has over 150,000 customers. Microsoft's virtualisation product Hyper-V is effectively free with the latest version of Windows Server, encouraging take-up of the technology and making it more accessible to the smaller business.
With any technology that is growing in importance to enterprises of all sizes, it is expected that malware writers will attempt to attack the virtualised environments, either to hijack workloads or steal critical data. An example of how virtualisation is being considered alongside security is the Payment Card Industry's Data Security Standard, where a Special Interest Group has been set up to discuss the role of virtualisation within retailers' networks, as well as how this has an impact on protecting credit and debit card payment data.
There are three main attack targets on a virtualised environment:
- The virtual machine workload, which will consist of an OS, applications and data, similar to a traditional server workload;
- The hypervisor itself;
- The management APIs that are used to control the virtual machines and integrate with other IT management products.
For the security team, the biggest issue facing them is often not being involved in the implementation of virtualisation in the first place. As this technology has often started Life in test and QA environments, it has not been part of security's remit. As the use of...