Gartner: Physical servers safer than virtualised ones

gallery

Virtualising servers may save money when it comes to data centre costs, but current practices mean they won’t be the safest option.

This is the claim in a new report from analyst firm Gartner, which has said 60 per cent of virtualised servers deployed between now and 2012 will be less secure than the physical ones they replace.

The report puts this figure down to a lack of involvement with the information security team when organisations choose to migrate to this technology, in both the initial architecture and planning stages.

"Virtualisation is not inherently insecure," said Neil MacDonald, vice president and Gartner fellow, in a statement.

"However, most virtualised workloads are being deployed insecurely. The latter is a result of the immaturity of tools and processes and the limited training of staff, resellers and consultants."

Gartner used the report to outline the six most common security risks when it comes to virtualising servers.

Along with companies not involving the security team, it said there are risks of compromising all workloads if the virtualisation layer was to be attacked.

A lack of visibility and controls on internal virtual networks could blind existing security policies and workloads of different trust levels could be consolidated onto a single physical server without sufficient separation.

Finally, the lack of adequate controls on administrative access to the Hypervisor/VMM layer and the potential loss of separation of duties for network and security controls could be major risks.

It is not all doom and gloom though, as Gartner points to a more positive future.

The report claimed that although initially 60 per cent by 2012, the figure of less safe virtual servers will drop to 30 per cent by 2015 if these risks are taken into account and security teams become more involved.

Email to a friend

Print this page