Gartner says 60% of virtualised servers are a security risk

A report has found almost two in three virtualisation projects result in a less secure server environment due to poor planning and implementation skills in the channel. Research by analysts at Gartner found 60% of the virtualised servers were more open to security vulnerabilities than a physical i

A report has found almost two in three virtualisation projects result in a less secure server environment due to poor planning and implementation skills in the channel.


Research by analysts at Gartner found 60% of the virtualised servers were more open to security vulnerabilities than a physical infrastructure.


It is not that virtualisation is inherently insecure but the problem lies in the configuration of systems, said Gartner fellow Neil MacDonald.


"Most virtualised workloads are being deployed insecurely," he said, "[which] is a result of the immaturity of tools and processes and the limited training of staff, resellers and consultants."


Around 18% of enterprise data centre workloads were partitioned by the end of 2009, but 50% are expected to have virtualised within three years.


"As more workloads are virtualised, as workloads of different trust levels are combined and as virtualised workloads become more mobile, the security issues associated with virtualisation becomes more critical to address," said Gartner.


The findings reveal that 40% of virtualisation deployments did not even factor IT security into the initial architecture and planning stages, and Gartner advised security processes be extended to the hypervisor and virtual machine monitor.


The virtualisation layer may contain embedded and undiscovered vulnerabilities that could be exploited and Gartner warned that it should be regarded as the "most critical x86 platform" in an enterprise data centre.

MicroScope+

Content

Find more MicroScope+ content and other member only offers, here.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

ComputerWeekly

SearchITChannel

Close