Wednesday, January 27, 2010

Virtual less secure than physical?

Robert Grapes over at Cloakware wrote an interesting article that caught my attention with this fact:
Analysts predict that in the rush to reap the benefits of deploying virtual systems and applications, more than 60 percent of virtual machines deployed will be less secure than their physical counterparts.
I wonder if some people think that simply running a virtual machine on a physical box that is protected appropriately means that all the virtual machines are equally protected? If only that were true. Robert’s work centers around privileged identity management or how to manage privileged identities (i.e., Unix’s root or Active Directory’s domain administrators) in sea of unprivileged identities. In this article Robert gives great perspective on this important aspect of identity management in a virtualized environment. He also raises a great question regarding the need for security systems to be highly scalable in an easily scaled virtual environment – a great point.

If you get a moment read his article.

No comments: