As the rush to virtualize data centers continues, questions about security keep popping up. When you start storing and transacting large hunks of your business outside the safe confines of your own tightly controlled data center, it's only natural to worry about all the things that can go wrong.
So what to do? Enterprise Systems offers a good thought piece by Shlomi Dinoor, vice president of emerging technologies at Cyber-Ark, on techniques you can try to keep control of the security of a virtualized data center.
What's the problem?
Increased adoption of virtualization does lead to additional risks to an enterprise, especially in terms of IT security. Here's the proof. Survey data from Gartner conferences in late 2009 indicated that about 40 percent of virtualization deployment projects were undertaken without involving the information security team in the initial architecture and planning stages. Consider the challenges this disconnect places on IT administrators, especially those responsible for managing uber-powerful privileged identities, applications and data. In a virtual environment there is a multiplier effect. Administrators are no longer just focusing on vulnerabilities presented by one system and one application; they are responsible for almost limitless applications and data.
Perhaps you've felt that pain.
One solution, Dinoor suggests, is to focus on automation.
To better secure data center identities, processes, and operations, organizations must be able to automate the detection process of privileged accounts, including service accounts and scheduled tasks, wherever they are used across the data center and remote networks. This auto-detection capability significantly reduces ongoing administration overhead by proactively adding in new devices and systems as they are commissioned, and it further ensures that any privileged password changes are propagated wherever the account is used. It also increases stability and eliminates risks of process and application failures from password synchronization mismatches.
This eventually has to happen, he contends, because manual controls and processes can't be scaled as virtualized data centers grow exponentially. These are deep-think issues, but IT has to come to grips with the inevitability of large-scale virtualizations and the security risks that will come along with it.