Local companies are putting themselves at risk by not securing their virtualisation infrastructures, says Datacraft risk and security business development manager Rodger Campbell. This was the key message to emerge from the second Datacraft Brown Bag session (so named because delegates are served refreshments in brown paper bags) on security virtualisation in Auckland.
“There’s no one silver bullet for security virtualisation,” he says. “Companies are looking at virtualisation from a cost saving perspective, but they’re not realising the security implications.”
Campbell says only 15 percent of the 17 delegates at the session had a security strategy for virtualisation. “A lot of people admitted they hadn’t even looked at their virtualisation guidelines.”
He says companies should prioritise such strategies, because virtualisation introduces a lack of visibility and potential vulnerability to attacks such as those from malware, into a network.
Campbell says New Zealand companies are not the only ones lacking in virtualisation security plans. He cited a recent US poll by Computerworld US that found 70 percent of respondents had deployed a virtual infrastructure, but less than 12 percent had a security strategy.
He says a firewall, hypervisor and VMware server are essential for companies when looking at virtualisation.
“People should take a step back and have a good look at their virtualisation systems. Employ vendors who can perform vulnerability tests against your current virtualised environment and report on areas of concern. Use the capabilities in your virtualisation software, as well as virtual switches and firewalls.”
He adds that Datacraft, through its relationship with Check Point and Cisco, is moving further into the virtualisation field. It signed an exclusive local partnership with Cisco last month to distribute the vendors’ Unified Computing System. UCS offers networking and virtualisation in one platform.
Datacraft is planning another brown bag session in Auckland on October 14th, with the topic yet to be decided.
Join the CIO New Zealand group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.