Cyber Security Institute

§ Current Worries

Top 3 Worries

  • Regulations
  • Old Firewall Configurations
  • Security Awareness

§ Listening

For the best information

  • The underground
  • Audible
  • Executive Excellence
  • Music (to keep me sane)

§ Watching

For early warnings

  • 150 Security Websites
  • AP Newsfeeds
  • Vendors

Friday, December 01, 2006

Virtual concerns

Administrators, developers, and power users are starting up new virtual workstations and servers with every new corporate breath.  Administrators and CSOs are considering all of these ideas to save money and increase security. Whether virtual solutions have the speed, flexibility, and security to become a win-all solution is yet to be seen. I remember hearing the same promises during the heyday of thin-client computing, and that technology largely failed.  Of course, for every security benefit a virtual machine provides, a new security threat or risk emerges.  The author wants to add some other scenarios to consider.

Multiple real servers can be consolidated into one larger, more powerful virtual server platform; just pack a single server with a lot of memory and a very fast CPU.  But what’s coming on the virtual forefront is even more revolutionary. I know of one company that’s going to allow its employees to work from home using virtual images. The company will send the entire corporate image to the employee over a VPN connection, or at worst, on a single DVD.

Security experts and power users are using virtual machines to explore the riskier parts of the Internet without worry of host desktop modification.  Banks and protection vendors are coming up with innovative solutions that involve sending virtual desktops to their online customers to prevent remote control bots from stealing PINs or fraudulently transferring bank balances.

First, because new virtual machines are so easy to create, administrators and operators aren’t treating them with the same security thoroughness as they do real metal and wire servers. 

Second, if attackers break out of a VM into the host, they can immediately impact every other supported host on the server.

Third, anti-virus software and other scanners on the outside can’t easily scan inside virtual workstation images for worms, bots, and other threats.

Last, there are no comprehensive studies to prove how well a virtual machine protects against running malware.

Like instant messaging and USB thumb drives, the virtual revolution is coming whether you like it or not.  Discuss the impact virtual machines will have on your environment, especially on security, with vendors and your technical staff.

Posted on 12/01