Maintaining Security with Enterprise Virtualization

Recently at Gemini we evaluated basic security implications of deploying a particular large-scale desktop virtualization package. Many people have heard of “virtual machines” that enable you to run different operating systems concurrently on one physical computer. But enterprise virtualization solutions go far beyond that scenario, enabling companies to do everything from stream specific applications from a server rather than installing them or have users share the same desktop configuration running on a central server. Companies can even mix and match various types of virtualization in the same environment.

The variety of virtualization options means each situation can carry specific security demands. But certain benefits and risks factor into many deployment decisions. On the positive side, virtualization can simplify maintenance and help ensure consistency by centralizing certain administrative tasks. The added layers of abstraction can also assist in isolating resources or adding flexibility to data storage options.

But those same new abstractions mean increased complexity and potentially much more data flowing between various parts of a network. Administrators also need to stay aware of how data retention is handled in a virtual environment. Adding virtualization to an existing environment can blur traditional notions of access, authentication, and management. Securing each aspect may require rethinking old approaches and policies; for instance, stealing an entire virtual desktop basically involves copying a file.

An article from last month in The Register explores these and other aspects of virtualization security. And as an earlier piece had noted, many deployments introduce security risks from a failure to fully evaluate the effects of such a setup: “Oddly enough, in many cases, security seems to not even be an afterthought, much less a forethought. Gartner’s surveys show that 40 per cent of server virtualization projects were done without bringing the company security experts in from the get-go as the virtualized infrastructure was planned.”

If you’re thinking of adding desktop virtualization to your enterprise, don’t make the same mistake – contact Gemini to ensure your data remains safe.