Virtualization is becoming ubiquitous in data centers, prized for its ability to produce savings in the form of less hardware, a smaller footprint, and provisioning cost reductions. But the folks at SunGard say that some organizations are repeating the same security mistakes they made in the physical environments in the virtual world.
In hopes of avoiding those pitfalls, SunGard recommends:
1. Including security in the total cost of ownership calculations so that security services that need to be installed don’t come as a surprise, or extra expense, when they come up.
2. Make security a priority in the virtualization design. Issues like storing credit card data on a single server, or physically separating the Web server from the application server to reduce the risk of data compromise.
3. Monitor the invisible network. Physical world solutions are being modified to monitor virtual environments, but new products that will offer increased monitoring on the hypervisor level, virtual patch management and tools to conduct forensic investigations in virtual environments should be forthcoming.