IT Security is Integral to Cloud Policy Planning

IT Security is Integral to Cloud Policy Planning

You’ve seen the movie version: a crack team of hardened (but lovable) thieves exercise their wits and prowess to break into a super-secure facility in order to steal a computer with data that will put away even worse bad guys and save an orphan or two as a bonus.

These movie anti-heroes may be fiction, but the security of such facilities is not. For years, data centers have been constructed to manage and track physical access onto the premises. There is an entire industry around protecting access in the data centers with vendors specializing in hand scanners, man traps, cameras, guards (usually armed), and cages to segregate access.

When I worked on building a data center in a facility on the East Coast, I had to go through three man traps and a cage door that verified my identity with a hand scanner before I was allowed near a machine. Make no mistake, physical security measures within a data center are very much real.

But now, there is a new danger to data center security that, in our own exuberance to embrace the technology, may be leaving those security measures wide open. The technology? Virtualization.

Virtualization is taking off and rightly so: the advantages of running multiple machines within a single physical box are simply too great to ignore. Even at the user level, unused CPU cycles can now be used to host another running application instead of helping discover extraterrestrial life. At the data center level of operation, virtual machines are a vast improvement on operating costs and production output.

But all the vaunted security of a data center can actually be just a theater of security once an intruder gets remote access to your hypervisor or access to the storage array where the virtual images live.

In the past, a physical intruder either had to remove the hardware or be very quick at attempting to access the data in the data center to break into a system. Today, all an intruder has to do is comprise the security of a hypervisor, which often has access to the storage array where the virtual machines are stored.

Copying these files and launching them in the thieves’ environment in their comfort of their own lairs is now child’s play. Criminals can override local security, which is often very weak at the machine’s front end, since they now possess or have a copy of the virtual files that comprise the entirety of the virtual machine (for example, a VMDK file). This is, for all intent and purposes, exactly the same thing as being in front of the physical machine, only better: the hacker now has the added benefit of time to get into the system.

This is a problem not only for data centers. Intellectual property in the form of game software has been the target of hacks on the PS3 and Xbox game consoles, which use secured hypervisors to protect that very same IP. If a hypervisor layer specifically designed to protect data can fail, then what chance does a hypervisor layer in the datacenter have if it isn’t tightly configured?

There are, fortunately, solutions to this potential hole in your security. Third-party products exist that will let you manage authentication at the VM level of the stack. So, if someone gets their hands on a virtual machine (or a copy), they will have much more than just the security on the virtual OS to contend with. The hypervisor layer itself will provide added protection.

The key thing to remember is that information security must be planned for at the beginning of any virtualization and cloud policy. For instance, make sure you account for any VM-only connections that would otherwise be blind to your security policy. Take the physical state of your virtual machine’s security into account as well. Pilfering a data file is a lot easier than lugging a blade server out the door, so you need to maintain physical security more than ever.

By paying attention to the hypervisor layer, you can make sure you don’t make it even easier to crack into your virtual systems.

By Yvo Van Doorn

Yvo Van Doorn is currently a sales engineer at Likewise Software.

 

Follow Us!

CloudTweaks

Established in 2009, CloudTweaks.com is recognized as one of the leading authorities in cloud computing information. Most of the excellent CloudTweaks articles are provided by our own paid writers, with a small percentage provided by guest authors from around the globe, including CEOs, CIOs, Technology bloggers and Cloud enthusiasts. Our goal is to continue to build a growing community offering the best in-depth articles, interviews, event listings, whitepapers, infographics and much more...
Follow Us!

Sorry, comments are closed for this post.

Join Our Newsletter

Receive updates each week on news, tips, events, comics and much more...

Can I Contribute To CloudTweaks?

Yes, much of our focus in 2015 will be on working with other influencers in a collaborative manner. If you're a technology influencer looking to collaborate with CloudTweaks – a globally recognized leader in cloud computing information – drop us an email with “tech influencer” in the subject line.

What is the 12/12 Program?

This program is designed to better handle the thousands of requests we receive from people looking to submit articles. The 12/12 program is the commitment of 12 articles delivered over a 12-month period.  

Wait! What if I just want to submit one article?

Our popular pay as you go sponsorship program provides the flexibility to submit as you wish and is designed for all budgets.

Contributors

Cloud Infographic – Wearable Tech And Preventative Healthcare

Cloud Infographic – Wearable Tech And Preventative Healthcare

Wearable Tech And Preventative Healthcare There are so many exciting new opportunities available to utilize wearable technology in the future.  Areas such as nanotechnology disease monitoring, crowdfunding to wearable accessories are some excellent examples of the potential. Estimates vary, but appear to suggest that the market will produce between $14-50 Billion over the next few years. Included below

Ten Tips For Successful Business Intelligence Implementation

Ten Tips For Successful Business Intelligence Implementation

Ten Tips for Successful Business Intelligence Implementation The cost of Business Intelligence (BI) software goes far beyond the purchase price. Time spent researching, implementing, and maintaining your BI investment can snowball quickly and mistakes are often expensive. Your time is valuable – save it by learning from other businesses’ experiences. We’ve compiled the top ten

Knots And Cloud Service Providers

Knots And Cloud Service Providers

How Do These Two Compare? In Boy Scouts, I learned how to tie knots. The quickest knot you can tie is the slipknot. It’s very effective for connecting one thing to another via the rope you have. It was used in setting up tents, mooring boats to docks temporarily and lifting your food up into

Big Data

To Have and Have Not: Big Data Initiatives In Developing Countries

To Have and Have Not: Big Data Initiatives In Developing Countries

Big Data Initiatives In Developing Countries The poor of the developing countries are becoming increasingly connected, to the point where they too are part of the Big Data revolution that’s happening across the globe. It didn’t come with laptops, though, as some supposed it would. Whereas it costs a fortune to connect broadband to a

Big Data In Your Garden: Initiatives For Better Understanding Nature

Big Data In Your Garden: Initiatives For Better Understanding Nature

Big Data in Your Garden Big Data and IoT initiatives are springing up all across the globe, making cities, protesters–and just about everything else–smarter. However, thus far there’s been little attention paid to the interactions between these bizarre technologies and living things other than humans. Biology, that is, human biology is one field where Big

Who Holds the Key to the City: Big Data and City Management

Who Holds the Key to the City: Big Data and City Management

Big Data and City Management Cities like New York, Madrid, and especially Rio de Janeiro are augmented with Big Data-powered initiatives that range from combating crime with predictive analytics (New York & Madrid) to providing real-time data for improved management. Although Big Data is no panacea and is mainly used in conjunction with a greater

Internet of Things

Where’s the Capital of the Internet of Things?

Where’s the Capital of the Internet of Things?

Where’s the Capital? We all know the capitals of fashion are London, New York and Paris, while the capital of film is Hollywood (or Bollywood!) – but what’s the new capital of the internet? Specifically, the internet of things? The answer – according to new research by Ozy – might surprise you. It’s not Tokyo, Seoul,

Smart Cities – How Big Data Is Changing The Power Grid

Smart Cities – How Big Data Is Changing The Power Grid

Smart Cities And Big Data As Anthony Townsend argues in his SMART CITIES, even though the communications industry has changed beyond recognition since its inception, the way we consume power has remained stubbornly anachronistic. The rules of physics are, of course, partially to blame, for making grid networks harder to decentralize, as opposed to communication

Aggregated News

Popular News Sources

New Funding For Acumatica ERP Cloud Business – $13 Million Invested

New Funding For Acumatica ERP Cloud Business – $13 Million Invested

Acumatica ERP Cloud Business Acumatica, a well known ERP cloud services company has raised over $13 millions in new funding led by Bain Capital Owned-MYOB. This is exciting news for the company and demonstrates the high level of adoption and commitment by their clients and partners. This investment validates the market acceptance of the Acumatica solution,” said

Why Microsoft CEO Satya Nadella Loves What Steve Ballmer Once Despised

Why Microsoft CEO Satya Nadella Loves What Steve Ballmer Once Despised

“I don’t want to fight old battles,” says Microsoft CEO Satya Nadella. “I want to fight new ones.” It’s Sunday evening, and Nadella is sitting in a glass-enclosed room at the back of a Japanese restaurant in San Francisco’s North Beach neighborhood, eating sushi with a few reporters. The post Why Microsoft CEO Satya Nadella Loves

Apple sales soar after record-breaking iPhone 6 and 6 Plus launch

Apple sales soar after record-breaking iPhone 6 and 6 Plus launch

The US tech giant reported a 16 per cent jump in iPhone sales between July and September, and the strongest growth in Mac computer shipments in years. Read the source article at dailymail.co.uk About Latest Posts Follow Us!CloudTweaksEstablished in 2009, CloudTweaks.com is recognized as one of the leading authorities in cloud computing information. Most of