IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

Security is holding back virtualisation

Virtualisation security is still a thorny problem for implementers, says a survey from Kuppinger Cole.

virtual image

Security is the biggest worry for virtualisation project leaders, according to a report from Kuppinger Cole, an analyst firm that focuses on information security.

Forty per cent of respondents said they believed that a virtual environment was harder to secure than a physical one.

According to the research, security experts' greatest fear is that hypervisor privilege rights could lead to abuse. Although technologies are available to counter these risks, very few IT departments appear to act to limit the far-reaching rights that hypervisor access offers.

In the report, 73 per cent of IT staff admitted to misgivings about hypervisor security, especially as the extra layer it adds creates another potential vulnerability. With almost half of the respondents admitting to having no security log management or privileged user management in place, the report concludes that organisations must address this with some urgency.

"By not investing in virtualisation security, when there are well identified security threats, organisations are taking unnecessary risks which could easily be mitigated," said the report's author Martin Kuppinger.

The Virtualization Security Survey reveals that the major driver for virtualisation initiatives is to achieve operational efficiency, according to 90 per cent of those polled, closely followed by a drive to make cost savings. Virtualisation in preparation for cloud integration seems to have little attraction for half the respondents, as they placed this almost at the bottom of their priorities, just above green IT targets.

Concerns about security are rooted in a perceived lack of expertise and skills to plan and implement a virtualised environment, Kuppinger said. He added that the second major hurdle is funding the initial costs of implementing a strategy.

The main security need is for an integrated solution that will cover both the virtual and the physical environment. This was called for by 83 per cent of the respondents.

Kuppinger concluded: "The key finding for the current state of virtualisation security is that most organisations still have a lot of work to do in this area at both the organisational and conceptual level, as well as in implementing tools to achieve the required level of security in virtualised environments."

IT vendor HP recently warned businesses not to overlook security when deploying virtualised systems.

Featured Resources

The state of Salesforce: Future of business

Three articles that look forward into the changing state of Salesforce and the future of business

Free Download

The mighty struggle to migrate SAP to the cloud may be over

A simplified and unified approach to delivering Enterprise Transformation in the cloud

Free Download

The business value of the transformative mainframe

Modernising on the mainframe

Free Download

The Total Economic Impact™ Of IBM FlashSystem

Cost savings and business benefits enabled by FlashSystem

Free Download

Most Popular

Why convenience is the biggest threat to your security

Why convenience is the biggest threat to your security

8 Aug 2022
How to boot Windows 11 in Safe Mode
Microsoft Windows

How to boot Windows 11 in Safe Mode

29 Jul 2022
Microsoft successfully tests emission-free hydrogen fuel cell system for data centres
data centres

Microsoft successfully tests emission-free hydrogen fuel cell system for data centres

29 Jul 2022