English   Deutsch   Русский      

Virtualization Security Survey: Security – an essential prerequisite for successful virtualization

During September and October 2010 KuppingerCole conducted an independent survey of the status and plans for Virtualization Security amongst organizations. This survey shows that security is a key success factor to virtualization. Organizations transitioning to a virtualized or cloud IT model need to invest in a security strategy, in organization and skills, and in technology. Vendors need to provide better integration between security and service management plus security tools to better support heterogeneous virtualized and physical environment.
 
Highlights of the results are:
  • The major driver of virtualization is the improvement of IT operational efficiency. The least important drivers are preparation for Cloud IT closely followed by meeting Green IT targets.
  • The major inhibitor for implementing virtualization security is the lack of expertise and skills to plan and implement it. Around a quarter of organizations believe that virtual environments in general are less secure than physical environments.
  • The most important security challenge and concern is around “data sprawl”. This issue is closely followed by concerns relating to the fulfilment of both regulatory compliance and internal audit requirements in a virtualized or cloud environment.
  • One key issue highlighted by the survey is that nearly three quarters of respondents are concerned about the far-reaching privileges introduced by hypervisors which might lead to abuse. Technologies available today to mitigate the risks posed by privileged access in virtualized environments yet these are not widely deployed.
  • There is a lack of integration between virtualization, security, and service management less than half organizations report integration in this area.
  • Too many security activities are still dependent upon manual processes, performed without supporting technology and the scale of virtualization makes this approach untenable.
  • By not investing in virtualization security when there are well identified security threats organizations are taking unnecessary risks which could easily be mitigated.
The survey allowed participants to add comments and free text. Some of these comments have been added as quotes to the report.
 


Date Title Price
30.11.10 Virtualization Security Survey: Security – an essential prerequisite for successful virtualization


free Access 
top
KuppingerCole Select
Register now for KuppingerCole Select and get your free 30-day access to a great selection of KuppingerCole research materials and to live trainings.
Register now
Spotlight
Cloud Provider Assurance
Using the cloud involves an element of trust between the consumer and the provider of a cloud service; however, it is vital to verify that this trust is well founded. Assurance is the process that provides this verification. The first step towards assuring a cloud service is to understand the business requirements for it. The needs for cost, compliance and security follow directly from these requirements. There is no absolute assurance level for a cloud service – it needs to be just as secure, compliant and cost effective as dictated by the business needs –– no more and no less.
KC Trusted Independent Advice in CLoud ASSurance
KC CLASS includes a detailed analysis of the Cloud Assurance management tasks in your company and the current status of the Cloud Services integration in your IAM, and a recommendation on how you can standardize the approach for the evaluation of Cloud Service Providers.
Links
 KuppingerCole News

 KuppingerCole on Facebook

 KuppingerCole on Twitter

 KuppingerCole on Google+

 KuppingerCole on YouTube

 KuppingerCole at LinkedIn

 Our group at LinkedIn

 Our group at Xing

 GenericIAM
Imprint       General Terms and Conditions       Terms of Use       Privacy policy
© 2003-2014 KuppingerCole