|
|
 |
|
Viewing report
|
|
|
|
Embracing Virtualization: Opportunities and Threats to Information Security
LEXSI, Feb 2010, Pages: 25
Virtualization and its variations has become a major technology, impacting computer security over the long term. We try to analyse its global impact on information systems security, and the mutations of cybercriminality it may induce.
Today, virtualization offers significant opportunities in terms of cutting infrastructure and maintenance costs. For this reason, it is not surprising that a large number of businesses are making the switch to these technologies, and especially cloud computing, which is often cited as a promising technology.
Yet, application hosting on an outside cloud computing service is coupled with risk. First of all, there are the risks tied to any kind of external application hosting, which can threaten not only the availability of the applications but also the confidentiality and integrity of the data being manipulated. Although this risk is not fundamentally different from traditional service provider risks, specific aspects of cloud computing, such as the geographic location of virtual machines able to move between data centers, and the resulting legal risks, must be considered.
At present, even though cybercriminals do not perceive Cloud computing as revolutionary, some have attempted to host certain malicious operations (including spam, intrusion attempts, and malware) on widely used clouds, such as Amazon EC2. These new architectures, which draw on the pooling of public IP addresses between several VMs, are problematic for security systems that are based on IP reputation analysis.
The major advantage to desktop virtualization is the fact that the information leak risk, as a result of IT equipment being lost or stolen, is almost entirely eliminated. However, these technologies require IS penetration detection systems to be totally reconsidered.
Our recommendation to banks having opted for virtualization of all or part of there is to examine the applications to be virtualized on a case by case basis, in order to size resources and study the specific risks. Service providers must meet strict service level requirements and, in so far as possible, be subject to routine audits.
Product samples
A sample for this product is available. Please Login/Register to download this sample.
Customers who bought this item also bought
Enterprise Technology Trends in 2010: The Top IT trends Affecting Organizations in 2010
Growth Opportunities and Markets for IT Outsourcing: New Possibilities for Contact Center, Infrastructure, Applications and Business Process Outsourcing
Managed Services Market in South Africa
The Future of Consumer VoIP: Leveraging Internet Advances for Profitable Consumer Voice Services
North American Managed Security Service Providers (MSSP) Market
The Enterprise Communications Market Outlook: Identifying market dynamics and vendor opportunities
Global Managed Security Service Providers Rollup
Infrastructure Virtualisation: Transforming the Way IT is Delivered
Google Market Intelligence
World Intrusion Detection and Intrusion Prevention Systems Markets
|
|
|
|
