News from security vendors is rarely positive, and the latest report from Kaspersky Lab (News - Alert) is no different: virtual servers are at risk.
Roughly half of all businesses that use virtualized infrastructure are only “partially protected,” according to the new Kaspersky Lab report, "Global IT Security Risks Survey 2014—Virtualization."
Virtualization is one of the megatrends in computing, with virtualization technology enabling businesses to do more with less physical servers. But virtualization is poorly understood by most, which leads to inadequate protection even while it is becoming a core resource for businesses.
Virtualized environments comprise a core part of the mission-critical IT infrastructure for 52 percent of the respondents, according to the Kaspersky report, with the virtual networks being used to store customer and financial data, intellectual property, and other critical business information.
Among the issues that were found by the report were unprotected virtual infrastructure, inadequate security knowledge, and network performance issues.
Among businesses using virtualized infrastructure, just 32 percent reported "fully implementing" a security solution.
Just as alarming, only a third of survey respondents who consider themselves to be IT security experts said they have a "clear understanding" of the issues around protecting virtualization.
Roughly 46 percent also believe that conventional physical security solutions offer adequate protection for virtual networks, but that is not the case according to Kaspersky Lab.
Businesses need to better address virtual server security, including having adequate power distribution for virtual server infrastructure (through solutions such as Server Tech’s power management offerings), security monitoring tools that can monitor virtual systems network traffic, and clear plans that outline how virtual appliances and infrastructure are protected.
It also is important for businesses to reduce their virtual footprint, cutting down on entry points for security threats. Since it is relatively easy to launch virtual machines, often such machines go dormant since there is little overhead to leaving them running and they can be created so easily.
Hopefully the Kaspersky Lab report will be a wakeup call for the half of all businesses that don’t currently have their virtual machines fully protected.
Edited by Maurice Nagle