I admittedly stole the headline from the direct and welcomed article written by Art Wittman, Editor for Network Computing, writing on the topic of security concerns with virtualization.
Well-balanced security professionals know how organizations can dynamically balance the parallel goals of IT performance with security concerns. Still, the “negatites” (negative, often academic technologists) roam in the background preferring we all revert to manual calculations and typewriters in the name of uptight and non-attainable security standards.
The latest attack from the “negatites” focuses on the progressive world of virtualization. Virtualization is a technology I personally believe in and I believe it will be one of the more “game-changing” technologies this generation of IT buyers and sellers will participate in.
Networks have gotten good at sharing data efficiently and securely — and associated service levels have improved. I often argue the network is the business, as I look around at note the high amounts of IM, emails and VoIP centric calls I am involved with. None of these technologies operates without a sound network infrastructure.
And while devices like servers have been good at processing larger workloads, I think there’s more to do in the area of performance and pricing especially if SMB’s are to take advantage of the latest computing. And it’s going to be an interesting topic for the next few years — at least to the virtualized guys!
The Negatite Theory says “Consolidation through Virtualization enables Hackers to Access One Point and do More Damage”
My Rebuttal is, “You’re Wrong”!
Many years ago, I became acquainted with prioritization in security layering technologies and the first thing I learned well was to make sure security strategy was enabling and not limiting business. Virtualization enables larger companies to consolidate and thereby save on HW and SW costs as well as the “green” issues like air conditioning and electricity. Virtualization also provides SMB’s competitive advantage; often these firms have no choice but to limit their HW and SW expenses yet have the same demands of multi-site offices and across the pond channels.
More so, I believe Virtualization will enable better security policies and hinder stagnant hacker attacks. Virtualization has grown up and a company can now dynamically move a dB from Boston to Chicago and then LA dynamically without the need for physical movement. While some hackers will thrive on the challenge, the truth is that most hackers will have more difficulty “getting-in”. This of course assumes that the company has employed best practices and solid security technologies.