Large organisations are finding it harder to deploy multiple servers to meet business needs, and opt for virtualisation as a more efficient and cost-effective alternative. However, virtualisation is not invincible to security threats, says Clive Brindley, solution architect for HP.
Virtualisation reduces business costs and increases IT flexibility, says Brindley, but there are vulnerabilities in every application, and virtualisation is not exempt. "While Firewalls are well-implemented, there are still vulnerabilities in every application."
Visibility is a critical aspect to find vulnerabilities in a system, and without the correct security and management tools, threats can easily gain access through an organisation's valuable data center, Brindley says. "The area HP focuses on is service automation and visibility. We've seen a significant growth of virtualisation within data centres. Businesses have got to maintain excellence in all of the domains to manage risk."
Organisations must factor in security issues and the three domains of strategy, application and operations in virtualised environments, he says. "When securing a hypervisor, best practices need to be applied. With the proliferation of virtual platforms - there's been a significant shift in technology, and policies and procedures need to be implemented.
"Repeatability and best practice are important as most vulnerabilities are at an application level. One has to have a holistic view on how virtualisation adopts best practice in a business. Managing security compliance has its own challenges. If online servers' structure is compromised, the business is compromised." Banks that are utilising virtualisation to improve effectiveness in online banking have had to improve their security requirements, he notes.
"Virtualisation is here to stay. I expect the majority of the business environment will be virtualised in the near future."
Share