It’s been a while since I’ve written about security, but last week I came across a really great (but frightening) example of how security is affected in virtual environments. An organization that was running a virtual environment suddenly lost access to their entire infrastructure. It wasn’t a result of a badly configured virtual environment; it was arguably one of the first examples that I have come across of an attack against a virtual environment. I don’t know if it was intentional, but it’s a very interesting story of just how the threat landscape is adapting.
Essentially what happened was that the Windows server their virtual environment was running on had suffered a malware infection. The worst thing was that it was a known exploit, but hadn’t been patched. What the exploit did was cause the server to hit the network stack with enough traffic to cause a DDoS attack against the management console. This not only brought everything down, but also rendered the environment unavailable.
Can you imagine if this type of vulnerability happens in a production environment, such as in a financial or e-commerce organization? Aside from the financial ramifications of not being available to customers, what if you couldn’t recover any of your data? This type of attack could theoretically cause irreparable damage to a company.
I know the whole concept of securing virtual environments is a new thing. I work with several research groups within the Cloud Security Alliance, so I am aware of just how little information there is out there as it relates to best practices. But when a real-world example shows how these types of attacks are starting to affect virtual environments, it makes it clear just how important these conversations are.
Now I am not sure what happened to the organization that was the unfortunate victim of the attack. I hope that the fact that they figured out it was a network issue means that once the vulnerability is patched the VMs can be restarted. But I doubt that this is a rare and isolated example, which means that it is officially time for security and infrastructure folks to step up their game.
I was recently attending a cloud conference and had the chance to talk to several of the key technology vendors that were in attendance. One of the major vendors seems to be working closely with just about everyone in the cloud and virtualization space, and it made me question what kind of benefits these types of relationships provide to solution providers and other vendors. Suddenly the main cloud players are building partnerships to develop solutions for attached security, storage, asset management, performance monitoring and other operational technologies within virtual environments. But what benefit is there to having such tight integration with one or two key cloud platform vendors?
DLP is always a strange thing for me to talk about, since I remember the first round of solutions that ended up causing more headaches than solving the problem of data leakage. But with cloud, it’s all of a sudden a new conversation and DLP is right at the forefront in classifying the types of data that are the centre of the cloud design. All of a sudden DLP cannot be ignored anymore; it’s become a critical part of the new cloud landscape.
The other day I was asked about application whitelisting as a way to deal with endpoint issues in virtual and cloud environments. I never really thought about it in this space, as usually application whitelisting was a technique used to control rogue users who like to install anything and everything on their desktops and laptops. So how does this practice affect virtual and cloud environments, and more importantly, does it make sense?
I recently met with a Canadian cloud innovator, DataGardens, to provide some input on how their solutions would benefit different market segments, and be used for different key continuity and security functions. If you haven’t heard of DataGardens (I have to admit, I wasn’t familiar with them either) or their flagship solution, DataGardens WAVE, you might want to take a look at them again, especially if you have a need for virtualization or cloud business continuity services.
Do you feel like no matter how much you invest in IT security, you are losing the battle? There has been a lot of talk that security specialists are facing an uphill battle for the foreseeable future thanks to the speed of mobile device evolution and cloud development. Personally, I feel the pain of security folks. Virtualization has made things more complicated, and now with tablets and smartphones, it’s never going to return to the network security days. But there is something that cloud is bringing to security that will make it easier for security folks, and that is Big Data.
I stumbled upon a post via Twitter the other day from Scott Lowe of Tech Republic on IDV (yes, I thought at first I was getting a mild case of dyslexia, but no, it is IDV) and the difference between VDI and IDV. IDV stands for Intelligent Desktop Virtualization, and although it essentially delivers the same idea as Virtual Desktop Infrastructure (VDI), it’s actually not just more efficient, it’s really quite brilliant.