We live in a virtual reality.
No, not the kind where you put on goggles and gloves and explore an unreal visual environment. But the kind where virtualization has forged a new reality for everything, from desktops to data storage.
The benefits are touted far and wide — but as with everything involved in shaping the new world of work, the rise of virtualization is accompanied by questions about information security. Will it help protect your data? Or make it more vulnerable?
Virtualization rising
Last year a Cisco report revealed that 77 percent of small-to-medium-size businesses have adopted some form of virtualization; more than half of those are applying virtualization to data storage. Ricoh does much the same thing. We rely heavily on virtual servers, which require less physical space, less energy and fewer human overseers.
But of the 23 percent of SMBs that have not gone the virtual route, half cite security as their reason for abstaining. They’re familiar with the firewalls and protections needed for their traditional servers, and not so sure how to achieve that protection when data is handled virtually.
So how do we find the security we need in a virtual environment? How does virtual storage change the security game? Is there reason to be concerned?
“Natural” security
There are no magic wands when it comes to security. But there are two fundamental principles of data security that virtualization supports — thanks to the nature of virtual environments.
One principle is “isolation.” IT professionals isolate their networks, for compliance, keeping different environments (development, production, etc.) separate, and for the simple virtue of containment. Virtual networks can help achieve this type of security. If implemented properly, they will remain isolated from other virtual networks and the underlying machinery alike.
The other principle is “segmentation.” This is the same as isolation, really, but on the scale of network segments and tiers. Traditionally, IT achieves network segmentation through physical firewalls or routers that either permit or doesn’t permit traffic to cross between segments and tiers. But again, because of the natural segregation of a virtual network contained within a virtual server, the firewalls needed to achieve segmentation may already be built into the virtual network.
Easy add-ons
Another way that virtualization actually assists security is by easily spreading inserted security solutions across devices. As reported last year at CSOonline.com, “one change can be propagated across the entire virtual environment automatically, rather than having to push it out to each physical device individually.” Virtualization definitely assists in achieving the agility many businesses now consider critical to success.
Never out of the woods
Virtualization is not a magic wand — and you are never completely safe from a breach.
And even with the natural advantages of virtualization, there are some weaknesses. More than one virtual network may be on a single physical server, and because they can interact without crossing over other physical servers, their interaction is not always visible. Here the isolation aspect creates kind of a shroud. Vendors are aware of this and other potential weaknesses, and you can find patches and protections designed to fortify them.
In general, though, it probably goes without saying that your best protection comes from studying and understanding the technology. Don’t let your unfamiliarity keep you from embracing an advance that may be right for your company, but also don’t get into anything this complex without first doing your homework. A knowledgeable and conscientious vendor, who works with you to address your particular concerns, is fundamental to securing your data — and a profitable future for your business.
Without a combined effort, strengthening IT security isn’t just difficult, it’s virtually impossible. Start the conversation on security now.
Tags: Blog