Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cloud Security

Cloud and Virtualization Security Predictions for 2011

Cloud computing and virtualization are poised to dominate security discussions for 2011. It stands to reason that as businesses and governments take their data centers and workloads to the virtualization platform, ensuring protection and compliance will be top of mind.

Cloud computing and virtualization are poised to dominate security discussions for 2011. It stands to reason that as businesses and governments take their data centers and workloads to the virtualization platform, ensuring protection and compliance will be top of mind.

Cloud and Virtualization Security1. Private cloud adoption leads the way for cloud computing use

Cloud computing has been all the talk for the last two years or more and this trend is sure to continue as more and more businesses go to the cloud. For now, private cloud (also known as internal cloud) adoption is leading the way in terms of implementation dollars. For the purposes of this article, a private cloud is defined as infrastructure that is privately owned by an organization and extended to the end user or department either as a set of dedicated resources or as a service. Use of the private cloud is on a meteoric rise as organizations streamline their data centers to take advantage of the operating efficiencies of virtualization, the defacto platform of private clouds. Public and community clouds, as well as public/private hybrid models will continue to lag private cloud adoption in 2011 as the industry at large and regulatory bodies evaluate the security implications and administrative challenges of cloud computing environments that span businesses and individuals almost without restriction.

2. Virtualization security best-of-breed architectures emerge

Many companies have cited security concerns as the main blocker to virtualization and private cloud adoption. Paradoxically, virtual machines can be more secure than the physical servers they replace. Because virtual machines are purpose-built, virtualization security software can offer levels of dynamic and automated security that are unequalled in the physical security realm. As organizations become more familiar with hypervisor-based security and VM Introspection, the apprehension that may have stymied virtualization of critical workloads will be appeased. We expect that terms like “hypervisor-based,” “VM safe certified” and “VM Introspection” will become part of the 2011 vernacular of “must-haves” for virtual security architectures.

3. IaaS providers make per-VM security offerings standard

Many infrastructure as a service providers (IaaSs) have implemented security within their offerings, but they’ve done so using different approaches and with varying degrees of investment. As IaaS customer numbers surge in 2011, particularly among SMBs, IaaS providers will have to implement means for highly granular isolation of customers’ VMs. The reason for this is two-fold. Granular virtualization security regimes, particularly the hypervisor-based ones, allow for high-capacity virtualized data centers. This means that the IaaS provider can put more revenue-generating VMs on each host and therefore get more customers onto the same physical infrastructure without compromising security. Secondly, as more customers put security-intense data on hosted VMs, they will require their IaaS provider to validate that regulatory mandates for monitoring and access control (e.g., PCI, SOX, FISMA) are being met.

4. PCI DSS v2.0 accelerates virtualization adoption

When the PCI DSS released its latest version, it all but sanctioned the use of virtualization by defining a VM as equivalent to a physical server. For many IT directors, this will be the okay that they were waiting for to put their virtualization project back on this year’s to-do list. That means that, in 2011, virtualization adoption will get an uptick within many of the verticals that deal in credit card payments, including financial services and retail. This also spells a boon for QSAs with virtualization and VMware expertise.

Advertisement. Scroll to continue reading.

5. Human error is revealed as the #1 security threat to VMs

We have all heard about the potential threats: take over the virtual machine, attack the hypervisor, spread infections from VM to VM, etc. Given recent statistics and adoption rates, there is no doubt that eventually virtualization and cloud computing specific hacks will make their way into headlines in 2011. However, the biggest risks to virtualized workloads will be plain old human error—that is leaving VMs unintentionally vulnerable to traditional exploits. According to a recent survey, the rate of change in a virtualized environment occurs at an astonishing pace (VMs are updated several times a day), making the likelihood of configuration errors in the virtualized environment extremely high. Since organizations are implementing private clouds well ahead of implementing purpose-built virtualization security, expect at least one big story on data loss and misuse due to a poorly configured or placed VM.

6. Architectures unifying physical and virtual security start to emerge

Customers implementing virtualization security will look for common policy and management across the physical and virtual domains to simplify management and reduce misconfigurations. Leading security vendors will respond by bringing new architectures to market that integrate security across both domains to offer more complete solutions. Integration options include common policies, management integration and backhauling processor intensive services to physical appliances.

The above six predictions are areas to watch as they are likely to catalyze action both among vendors and standards bodies.

Written By

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Understand how to go beyond effectively communicating new security strategies and recommendations.

Register

Join us for an in depth exploration of the critical nature of software and vendor supply chain security issues with a focus on understanding how attacks against identity infrastructure come with major cascading effects.

Register

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

CISO Conversations

SecurityWeek talks to Billy Spears, CISO at Teradata (a multi-cloud analytics provider), and Lea Kissner, CISO at cloud security firm Lacework.

Cloud Security

Cloud security researcher warns that stolen Microsoft signing key was more powerful and not limited to Outlook.com and Exchange Online.

CISO Strategy

Okta is blaming the recent hack of its support system on an employee who logged into a personal Google account on a company-managed laptop.

Artificial Intelligence

ChatGPT is increasingly integrated into cybersecurity products and services as the industry is testing its capabilities and limitations.

Compliance

Government agencies in the United States have made progress in the implementation of the DMARC standard in response to a Department of Homeland Security...

Network Security

Attack surface management is nothing short of a complete methodology for providing effective cybersecurity. It doesn’t seek to protect everything, but concentrates on areas...

Identity & Access

Hackers rarely hack in anymore. They log in using stolen, weak, default, or otherwise compromised credentials. That’s why it’s so critical to break the...