Is virtualization a black hole in your security? 5 ways to ensure it isn’t
Computers & Technology → Site Security
- Author Ted Weber
- Published February 6, 2010
- Word count 1,713
Is virtualization a black hole in your security?
5 ways to ensure it isn’t
The ease with which virtual computer image files can now be downloaded means there is a
much higher risk of end users running unauthorized applications – from games to browsers
to beta software – in a virtual environment, making corporate systems and data much more
vulnerable than in the past. This paper describes the hidden threats raised by unauthorized,
unsecured desktop virtualization, and gives five effective ways to secure yourself against them.
Is virtualization a black hole in your security? 5 ways to ensure it isn’t
Is virtualization a black hole in your security?
5 ways to ensure it isn’t
Virtualization’s appeal
Virtualization technology has been around for more than 40 years but it wasn’t until recently that it really took off in the enterprise thanks to its promise of hardware savings and increased agility.
By encapsulating and isolating operating systems and applications from the underlying hardware, virtualization lets IT departments pack multiple independent virtual machines, each with its own operating system and applications, on a single server. This has brought real business benefits to organizations in terms of administrative and cost efficiencies. In addition freely available virtualization software, such as VM Player, has highlighted the potential of virtualization and has led to a boom in the use of virtualized software on the desktop.
This upward trend looks firmly set to continue, with Gartner, Inc predicting "Virtualization will be the highest-impact trend changing infrastructure and operations through 2012".1
Virtualization in a nutshell
Virtualization separates logical resources from physical resources, allowing multiple systems to be run on one piece of hardware.
Enabler Benefits
Can run more applications on fewer computers, and legacy applications and operating systems on
newer desktops
Allows IT to extract more value from its hardware investments and reduces management costs
Can be moved quickly and automatically to new systems
Enables business continuity and disaster recovery in the event of hardware failure
Easier deployment and management of virtual systems
Reduces the administrative complexity
Availability of cheap storage and high bandwidth Easy to deploy virtual environments on standard servers and computers
virtualization a black hole in your security? 5 ways to ensure it isn’t
The security issues
The benefits of virtualization might have been recognized but what is not so well grasped is the issue it raises about security. Server virtualization, with its enclosed, managed, highly protected data center environment, is not much more vulnerable than non-virtualization. Similarly, virtual desktops that are managed by IT, are running no significant
increased risk. The real thorny security issue today is the proliferation of unauthorized virtual software
that might be running on your company desktops and roaming laptops for a couple of reasons:
Product evaluations, games and other software are often distributed on virtual appliances and free virtual machine players.
Employees deliberately run unauthorized applications in a virtual environment to avoid detection – they might even be running a private business.
There is also risk associated with authorized but unmanaged virtualization, notably the selfcontained test and Q&A environments created by developers.
The hidden threat
All these virtual machines introduce a new set of challenges, security vulnerabilities and management issues that IT has to address in order to protect its infrastructure from viruses, hacking, and other security threats.
Like smartphones, instant messaging, and other technologies which can sneak into the organization through the backdoor, the hidden, unmanaged virtual environments which your employees deliberately or unwittingly install on their corporate systems without your knowledge, circumvent traditional policies and privileges, and create a black hole in your organization’s security system.
Installing a virtual machine on a networked computer is functionally the same as installing a physical desktop computer. So each new virtual machine must conform to your security policies.
This means it must have its own anti-virus agents and any other endpoint security software your
policies mandate, and must be kept up to date with relevant security patches. Even though the computer probably has all these security measures in place, the virtual machine is, to all intents and purposes, separate and must be patched and secured as a separate computer.
Unfortunately, a user-downloaded and installed virtual machine most probably doesn’t conform to corporate security policies, or have your companydeployed security software running. Since you cannot detect its contents, there’s no way to find out if it does. Even worse, the virtual machine might contain viruses or other threats that can
be used to infect or hack your network. This not only compromises your security but also creates a significant risk that you will no longer comply with the increasing number of legal and industry
regulations that require you to protect confidential data.
A typical user will almost certainly not consider this when downloading a virtual machine. And even if they do, there’s often no way for them to know what’s on the virtual machine until they install it.
Hidden, unmanaged virtual environments circumvent traditional policies and privileges, and create a black hole in your organization’s security system.
Is virtualization a black hole in your security? 5 ways to ensure it isn’t
5 steps for taking control
Despite these formidable challenges, it is possible to secure your network from the dangers of desktop virtualization. It doesn’t necessarily require new types of security tools or a whole new approach to security. With the important proviso that your existing management, policy, and technology tools are up to the task of effectively securing a non-virtualized environment, you just need to make sure they also take virtualization into account.
Here are five effective measures you can take to secure your network from virtual hazards.
1Update your acceptable use policy and educate your staff
Most organizations have acceptable use policies (AUPs) in place with the rules and guidelines users must follow when using their computers and the internet. It’s time to update your AUP to address virtualization, spelling out the exact conditions under which virtual software can be installed, what approvals are required, what types of software can be run, and how it must be protected. You also need to spell out the repercussions employees can expect if their unauthorized installations are discovered.
At the same time, it’s important to educate your employees on your entire AUP policy, including
what the threats are, how they translate into policy, and the true costs and implications of a security breach.
2 Limit use of virtual machines only to users that need them
The truth is, in many IT environments, most users have no need for virtual machines on their desktops at all. The best solution is simply to forbid the installation of freely downloadable virtual software on corporate desktops or laptops.
The situation is different with regard to the "professional" virtualization tools that users, such as developers, need for software testing or other purposes. Permission to use virtual machines should be limited to this small group of users who truly need them and who can be trusted to ensure that the use of all virtual technologies conforms to corporate security policies.
3Keep your virtualization and security software up to date
Make sure every known virtual machine includes the same personal firewalls, anti-virus, intrusion detection and other client security software as your physical desktops and laptops. Vendors are starting to develop security software that can sit underneath the virtual machine layer by integrating with the hypervisor – the means by which virtualization is possible – but these solutions still do not provide the in-depth context and sensitive behavioral analysis necessary to detect the latest malware in action.
Network access control (NAC) software on each computer can help, depending on configuration (virtual machines can operate in a bridged mode where they connect directly to the network, or can masquerade as the host making NAC difficult), as it can block network access until a physical or virtual machine is up to date according to corporate policies.
Is virtualization a black hole in your security? 5 ways to ensure it isn’t
As with any software, virtualization software itself can be exploited, so it’s important also to keep all your known virtualization software and applications updated with appropriate security patches from the vendor. Some centralized patching solutions may not provide detection or patch remediation capabilities for virtualization products, meaning that your administrator will have to define policies for the virtualization vendor’s update tools.
4Choose security products that support virtualization
Things to consider when looking at security products that support virtualization include:
Does the security vendor supports the virtualization software you want to use?
Are there any known conflicts with existing virtualization platforms?
Does the security software allow you to control the use of virtualization software?
5Create and maintain a library of secure virtual machine builds
One of the surest ways to ensure developers and testers create virtual machines that meet your security requirements is to make it quick and easy to do so. Create a repository of virtual machine builds with all the configuration settings, security software, and software patches required by your security policy that users can simply download use, and reuse as necessary.
What lies ahead?
Today the security problems with virtualization are centred around the difficulty of identifying and
protecting the unauthorized virtual environments that emerge on the corporate network. This will remain the case but in the future the threat is likely to expand.
Threats that specifically target virtual machines, such as the RedPill hacking tool and the rootkit BluePill, have raised concerns about the threat to virtual machines themselves. This type of threat which attacks the hypervisor are in reality merely proofs of concept. However, as virtualization increasingly replaces today’s infrastructure,
becoming more supported in the operating system and used by more applications, it is highly likely
that we will see more hypervisor attacks become much more of a real threat.
Conclusion
Virtualization can represent real value, particularly at a time of increasingly constrained IT budgets and its mushrooming popularity looks set to continue, transforming the way computers are used in the enterprise. While organizations deploying managed virtual desktops are running no significant increased risk, unauthorized desktop virtualization brings a host of security challenges to IT. By incorporating virtualization into your overall security strategy, you can protect your network from its dangers while profiting from its benefits.
This article was provided by Sophos and is reproduced here with their full permission. Sophos provides full data protection services including: security software, encryption software, antivirus, and malware.
Article source: https://articlebiz.comRate article
Article comments
There are no posted comments.
Related articles
- A Brief Guide: The A-Z of Tailgating Attacks
- Essential Tips for Proofreading and Editing University Assignments
- Stop the Bleeding
- Top 10 Digital Forensics Tools: An In-Depth Exploration
- All You Need To Know To Secure Your Data From Phishing
- Crypto Security Guide: Everything You Need to Know to Protect Your Crypto
- Advancing Email Validation in Laravel
- Fortifying the Digital Fortress: Understanding the Foundations of Cybersecurity Architecture
- How is GenAI Changing Cybersecurity?
- AI-Enhanced Cybersecurity Trends for 2024
- The Game of Trust: A Guide to the Future of KYC in Gaming
- AI in Cybersecurity: The New Frontier in Digital Protection
- Metadata: The Attorney’s Secret Weapon in Civil Litigation
- The importance of cyber security
- 5 Reasons to Comply with CMMC
- Payless CCTV Security Camera
- How Bitdefender Protect From Pegasus Spyware
- Printer Security? Here Are 6 Tips To Keep Your Business Safe
- Why it is important to install Access control system at your business
- Powerful Keyloggers for Windows
- Website security check: Tips on how to protect your website from hackers
- How will cyber threats evolve in 2020?
- When to choose red teaming over penetration testing: A guide to a robust cybersecurity program
- Protect your files with drive image backup software
- How Cloud Management Values Change Your Business
- The U.S. Government and Zero Day Vulnerabilities
- Spyware – Yet Another Cyber Menace
- Reset lost passwords in Windows with Active@ Password Changer
- Antivirus measures you should know when your PC is infected with a virus
- Security Fit For Royalty!