Security is holding back virtualisation

Virtualisation security is still a thorny problem for implementers, says a survey from Kuppinger Cole.

virtual image

Security is the biggest worry for virtualisation project leaders, according to a report from Kuppinger Cole, an analyst firm that focuses on information security.

Forty per cent of respondents said they believed that a virtual environment was harder to secure than a physical one.

According to the research, security experts' greatest fear is that hypervisor privilege rights could lead to abuse. Although technologies are available to counter these risks, very few IT departments appear to act to limit the far-reaching rights that hypervisor access offers.

In the report, 73 per cent of IT staff admitted to misgivings about hypervisor security, especially as the extra layer it adds creates another potential vulnerability. With almost half of the respondents admitting to having no security log management or privileged user management in place, the report concludes that organisations must address this with some urgency.

"By not investing in virtualisation security, when there are well identified security threats, organisations are taking unnecessary risks which could easily be mitigated," said the report's author Martin Kuppinger.

The Virtualization Security Survey reveals that the major driver for virtualisation initiatives is to achieve operational efficiency, according to 90 per cent of those polled, closely followed by a drive to make cost savings. Virtualisation in preparation for cloud integration seems to have little attraction for half the respondents, as they placed this almost at the bottom of their priorities, just above green IT targets.

Concerns about security are rooted in a perceived lack of expertise and skills to plan and implement a virtualised environment, Kuppinger said. He added that the second major hurdle is funding the initial costs of implementing a strategy.

The main security need is for an integrated solution that will cover both the virtual and the physical environment. This was called for by 83 per cent of the respondents.

Kuppinger concluded: "The key finding for the current state of virtualisation security is that most organisations still have a lot of work to do in this area at both the organisational and conceptual level, as well as in implementing tools to achieve the required level of security in virtualised environments."

IT vendor HP recently warned businesses not to overlook security when deploying virtualised systems.

Featured Resources

Defeating ransomware with unified security from WatchGuard

How SMBs can defend against the onslaught of ransomware attacks

Free download

The IT expert’s guide to AI and content management

How artificial intelligence and machine learning could be critical to your business

Free download

The path to CX excellence

Four stages to thrive in the experience economy

Free download

Becoming an experience-based business

Your blueprint for a strong digital foundation

Free download

Most Popular

What are the pros and cons of AI?
machine learning

What are the pros and cons of AI?

8 Sep 2021
Citrix mulling potential sale after tumultuous 2021
mergers and acquisitions

Citrix mulling potential sale after tumultuous 2021

15 Sep 2021
Hackers develop Linux port of Cobalt Strike for new attacks
Security

Hackers develop Linux port of Cobalt Strike for new attacks

14 Sep 2021