To print: Click here or Select File and then Print from your browser's menu

This story was printed from silicon.com, located at http://www.silicon.com/

Story URL: http://software.silicon.com/security/0,39024655,39166664,00.htm

Virtualisation race could risk security
Don't rush in, says Gartner...

By Tim Ferguson

Published: Wednesday 04 April 2007

Companies have been warned not to rush into adopting virtualisation technology as hurrying could leave them at risk of security threats.

If companies adopt virtualisation too quickly, the best security practices could be overlooked according to analyst Gartner. In some cases the best security technology may not even be available yet.

Virtualisation is the simultaneous running of several operating systems on a single desktop or server.

The technology is intended to reduce costs and increase agility but if security issues are not fully addressed Gartner says the opposite could happen.

Postcards from the bleeding edge…

Read the latest missive from tech guru and silicon.com columnist, Peter Cochrane, as he blogs from around the world.

The software layer used to make virtualisation possible represents an additional system that can be attacked and compromised, potentially putting all systems at risk, according to the analyst.

Like any emerging technology, the analyst said virtualisation will be the target of new security threats. It warned that simply applying the technologies and best practices for securing physical servers won't provide sufficient protections for virtual machines.

As a result, Gartner predicts 60 per cent of virtual machines used in production environments will be less secure than their physical equivalents by 2009.

Neil MacDonald, Gartner vice president, said it may take several years for the tech to evolve sufficiently, while companies need to mature the appropriate staff skills and processes.

Gartner advises virtual machines should be secured before they are deployed, with security being a major consideration in the selection of software.