CIOs consistently rank virtualisation and cloud computing among their top strategic IT initiatives. In fact, earlier this year a study by IDC found that virtualisation is the number one priority for CIOs in 2012 with cloud computing second. At the same time CIOs also cite security as the main inhibitor to the adoption of these technologies. Blind spots, Virtual Machine (VM) sprawl, lack of separation of duties, new advanced threats and the dynamic nature of virtual deployments all contribute to their security concerns.
Many CIOs have begun to realise the benefits of virtualisation from data centre deployments—reduced operating costs, energy savings and increased flexibility. But as they look to expand their virtualisation strategies to the desktop to drive further value, security concerns compound. In order to reap the substantial benefits virtualisation promises, CIOs must be able to move forward with confidence.
So what’s keeping security professionals from being able to secure the enterprise against threats to their virtual environments, just as they protect their physical assets? The challenge is a lack of visibility into and control over virtualised infrastructure to defend it effectively. In essence, they haven’t established 'Information Superiority' over attackers. This becomes particularly challenging as organisations expand their virtualised systems from the data centre to the desktop.
To achieve information superiority in their virtual environments, security professionals must be able to enforce security policies across both physical and virtual environments. They also must be able to establish visibility and control to detect and stop threats targeting virtual infrastructure and the impact of these threats to applications and users.
When considering technologies to help secure the virtual environment, security professionals should look for the following attributes:
- Comprehensive – connecting physical and virtual security elements together.
Corporate security and risk management policies as well as compliance mandates demand consistent protection across physical and virtual environments. The ability to monitor, manage and report on security activities across the entire infrastructure from a central console is a critical step in enabling Information Superiority for the virtual enterprise.
- Integrated – combining network and application awareness with big data analytics.
Threats today are increasingly sophisticated and no aspect of the environment is safe. Integrating total network visibility—including hosts and other devices, applications, services and users—with big data analytics for increased security intelligence helps eliminate the blind spots in security controls that only monitor physical systems for malicious activity.
- Intelligent – delivering the right information needed to structure defenses.
In today’s resource-constrained IT security departments working smarter, not harder, has become a mantra. The ability for technologies to automatically assess new threats to determine which are relevant and business-impacting helps to focus response efforts and adapt defenses to quickly address changing conditions.
- Continuous – responding completely and systematically across deployed security infrastructure. The hyper-dynamic nature of virtualised environments exacerbates the need for continuous protection. Real-time visibility from the data center to the desktop, automating network security functions and management, and the ability to continuously detect and stop the latest attacks and control the inevitable outbreak are just a few examples of the capabilities needed to help maintain effective protection on an ongoing basis.
Without information superiority, implementing effective IT security is much more difficult because of all there is to know about rapidly changing modern physical and virtual network environments. Information superiority lets CIOs pursue their virtualisation strategies to maximise business flexibility, agility and cost savings without losing visibility and control over data integrity, security and business continuity.
Technologies that support a holistic approach to IT security, providing the same level of visibility and control from the data centre to the desktop and across physical and virtual systems, enable organisations to achieve information superiority and realise the full benefits of virtualisation.
Chris Wood is the Regional Director of Australia and New Zealand for Sourcefire