Virtualised servers being deployed insecurely, says Gartner
- Reduce text size Decrease text size
- Increase text size Increase text size
- Print article Print
- Jump to comments Comment
- Share this article Share
- Email article to a friend Email
Most of the virtualised servers installed between now and 2012 will be insecure, says Gartner, mainly because they will be done so with the advice of security professionals
By 2012, the majority of virtualised servers will be less secure than the physical counterparts they replace, according to analysis by market researcher Gartner.
Statistics published by Gartner show that 60% of virtualised servers will be considered insecure. This is not because they are inherently so but because many are deployed incorrectly or without the advice of information security staff in initial architecture and planning stages.
Security pitfalls associated with virtualisation include mounting workloads of different trust levels onto a single virtual server, and poor visibility and controls on internal virtual networks.
Part of the problem, according to the industry analyst, is that 40% of all virtualisation projects were completed without consulting security experts, as businesses ignore the risks associated with introducing hypervisor and virtual machine monitor software.
Education will play a major role in solving these issues, Gartner claims, forecasting that the 60% figure will fall to 30% by 2015. “Virtualisation is not inherently insecure,” said Neil MacDonald, vice president and Gartner fellow. “However, most virtualised workloads are being deployed insecurely. The latter is a result of the immaturity of tools and processes and the limited training of staff, resellers and consultants.”
