The Lighter Side Of The Cloud – Propositions
The Lighter Side Of The Cloud – Xoogler
The Lighter Side Of The Cloud – Connection

IT Security is Integral to Cloud Policy Planning

IT Security is Integral to Cloud Policy Planning

You’ve seen the movie version: a crack team of hardened (but lovable) thieves exercise their wits and prowess to break into a super-secure facility in order to steal a computer with data that will put away even worse bad guys and save an orphan or two as a bonus.

These movie anti-heroes may be fiction, but the security of such facilities is not. For years, data centers have been constructed to manage and track physical access onto the premises. There is an entire industry around protecting access in the data centers with vendors specializing in hand scanners, man traps, cameras, guards (usually armed), and cages to segregate access.

When I worked on building a data center in a facility on the East Coast, I had to go through three man traps and a cage door that verified my identity with a hand scanner before I was allowed near a machine. Make no mistake, physical security measures within a data center are very much real.

But now, there is a new danger to data center security that, in our own exuberance to embrace the technology, may be leaving those security measures wide open. The technology? Virtualization.

Virtualization is taking off and rightly so: the advantages of running multiple machines within a single physical box are simply too great to ignore. Even at the user level, unused CPU cycles can now be used to host another running application instead of helping discover extraterrestrial life. At the data center level of operation, virtual machines are a vast improvement on operating costs and production output.

But all the vaunted security of a data center can actually be just a theater of security once an intruder gets remote access to your hypervisor or access to the storage array where the virtual images live.

In the past, a physical intruder either had to remove the hardware or be very quick at attempting to access the data in the data center to break into a system. Today, all an intruder has to do is comprise the security of a hypervisor, which often has access to the storage array where the virtual machines are stored.

Copying these files and launching them in the thieves’ environment in their comfort of their own lairs is now child’s play. Criminals can override local security, which is often very weak at the machine’s front end, since they now possess or have a copy of the virtual files that comprise the entirety of the virtual machine (for example, a VMDK file). This is, for all intent and purposes, exactly the same thing as being in front of the physical machine, only better: the hacker now has the added benefit of time to get into the system.

This is a problem not only for data centers. Intellectual property in the form of game software has been the target of hacks on the PS3 and Xbox game consoles, which use secured hypervisors to protect that very same IP. If a hypervisor layer specifically designed to protect data can fail, then what chance does a hypervisor layer in the datacenter have if it isn’t tightly configured?

There are, fortunately, solutions to this potential hole in your security. Third-party products exist that will let you manage authentication at the VM level of the stack. So, if someone gets their hands on a virtual machine (or a copy), they will have much more than just the security on the virtual OS to contend with. The hypervisor layer itself will provide added protection.

The key thing to remember is that information security must be planned for at the beginning of any virtualization and cloud policy. For instance, make sure you account for any VM-only connections that would otherwise be blind to your security policy. Take the physical state of your virtual machine’s security into account as well. Pilfering a data file is a lot easier than lugging a blade server out the door, so you need to maintain physical security more than ever.

By paying attention to the hypervisor layer, you can make sure you don’t make it even easier to crack into your virtual systems.

By Yvo Van Doorn

Yvo Van Doorn is currently a sales engineer at Likewise Software.

 

Follow Us!

CloudTweaks

Established in 2009, CloudTweaks.com is recognized as one of the leading authorities in cloud computing information. Most of the excellent CloudTweaks articles are provided by our own paid writers, with a small percentage provided by guest authors from around the globe, including CEOs, CIOs, Technology bloggers and Cloud enthusiasts. Our goal is to continue to build a growing community offering the best in-depth articles, interviews, event listings, whitepapers, infographics and much more...
Follow Us!

Sorry, comments are closed for this post.

Recent

The E-Learning Market – Cloud Computing Adoption

The E-Learning Market – Cloud Computing Adoption

The E-Learning Market  We’ve talked a fair bit about e-Learning and MOOCs (Massive Open Online Courses) technologies here on CloudTweaks over the past number of years. The industry is expected to continue to grow at a brisk pace as more and more firms and educational institutions start to adopt cloud based services.  Docebo has an excellent…

Big Data, Business Intelligence And The Programming Language “R”

Big Data, Business Intelligence And The Programming Language “R”

Why Your Next Business Intelligence Hire Will Use R As anyone working in the field knows, business intelligence is an evolving landscape. New technologies, combined with a rapidly expanding marketplace, are disrupting legacy solutions and established platforms. Despite such growth, however, there have been a few constants, such as the R programming language. As other…

Beyond Gaming: Three Practical Applications For Oculus Rift

Beyond Gaming: Three Practical Applications For Oculus Rift

Three Practical Applications For Oculus Rift  Since the announcement of the Oculus Rift in 2012 gamers and game developers alike have been frenzied trying to both get their hands on the unit or build their own proprietary VR machine. The VR gold rush has since lead to the announcement of Project Morpheus from Sony and…

Popular

Public vs. Private vs. Hybrid: Which Cloud Is Right for Your Business?

Public vs. Private vs. Hybrid: Which Cloud Is Right for Your Business?

Public vs. Private vs. Hybrid The debate surrounding the deliverability of cloud computing is coming to a close. Businesses have begun to rapidly adopt the use of cloud services, courtesy the ROI this disruptive technology brings to the table. They have finally realized they cannot afford to ignore the cloud. A Forrester study found that…

Using Big Data To Make Cities Smarter

Using Big Data To Make Cities Smarter

Using Big Data To Make Cities Smarter The city of the future is impeccably documented. Sensors are used to measure air quality, traffic patterns, and crowd movement. Emerging neighborhoods are quickly recognized, public safety threats are found via social networks, and emergencies are dealt with quicklier. Crowdsourcing reduces commuting times, provides people with better transportation…

Internet Of Things – Industrial Robots And Virtual Monitoring

Internet Of Things – Industrial Robots And Virtual Monitoring

Internet Of Things – Industrial Robots And Virtual Monitoring One of the hottest topics in Information and Communication Technology (ICT) is the Internet of Things (IOT). According to the report of International Telecommunication Union (2012), “the Internet of things can be perceived as a vision with technological and societal implications. It is considered as a…

5 Considerations You Need To Review Before Investing In Data Analytics

5 Considerations You Need To Review Before Investing In Data Analytics

Review Before Investing In Data Analytics Big data, when handled properly, can lead to big change. Companies in a wide variety of industries are partnering with data analytics companies to increase operational efficiency and make evidence-based business decisions. From Kraft Foods using business intelligence (BI) to cut customer satisfaction analysis time in half, to a…

5 Ways The Internet of Things Will Drive Cloud Growth

5 Ways The Internet of Things Will Drive Cloud Growth

5 Ways The Internet of Things Will Drive Cloud Growth The Internet of Things is the latest term to describe the interconnectivity of all our devices and home appliances. The goal of the internet of things is to create universal applications that are connected to all of the lights, TVs, door locks, air conditioning, and…

Sponsored Posts

How CYOD Helps Make Hybrid Cloud More Productive And More Secure

How CYOD Helps Make Hybrid Cloud More Productive And More Secure

How CYOD Helps Make Hybrid Cloud More Productive and More Secure Recent analysis by IDG/DELL has found that companies are expecting “increased IT efficiencies” and “lowering total cost of ownership (TCO) with optimized application delivery” as they move toward hybrid cloud and private cloud deployment. In short, they expect things to work better and cost…

Cloud Logo Sponsors

hp Logo CityCloud-PoweredByOpenstack-Bluesquare_logo_100x100-01
cisco_logo_100x100 vmware citrix100
Site 24x7


Contributor Spotlight

Established in 2009, CloudTweaks is recognized as one of the leading influencers in cloud computing, big data and internet of things (IoT) information. Our goal is to continue to build our growing information portal, by providing the best in-depth articles, interviews, event listings, whitepapers, infographics and much more.

Branded Content Programs

Advertising