Access your Pro+ Content below.
Sell the business on virtualization security
This article is part of the April 2009 issue of Information Security magazine
Virtualization has taken on a life of its own, sweeping across organizations of all sizes and shapes like a perfect antidote to all the inefficiencies in IT. Executive management has been rushing to inject this drug as quickly as possible, viewing all of the costs savings realized through virtualization as free. And in this economic environment, the pressure is particularly high to move quickly and ask questions about security later. "Free" to a CFO or CEO means getting all the efficiencies without any commensurate risks. A few of the perceived freebies include faster time to market for new applications via "McServers," less physical space to house data centers and server farms, less power to cool and operate the data centers, faster and lower-cost disaster recovery. But we in security know better. There are no free lunches in IT. Now that the antidote has taken effect in most organizations, some of the side effects are popping up. Things have moved so quickly that IT security has struggled to define its role in the new virtual ...
Features in this issue
Delaware's Dept. of Technology and Information conducts annual incident response exercises that test the readiness of state agencies to respond to real attacks. Learn how simulated cyberattacks and incident response exercises help organizations prevent future attacks and maintain business continuity.
Tying log management to user identity shortens incident response and forensics investigation cycles. Learn how compliance has mandated that organizations determine not only when incidents occurred, but who is responsible for unauthorized access.
DLP promises strong data protection via content inspection and security monitoring, but real-world implementations can be complex and expensive; these eight real-world lessons help you use DLP to its fullest.
Columns in this issue
Executive management sees virtualization as the cure-all, but CISOs need to ensure it is done securely. Learn how virtualization can help you position security as a business enabler.
Realize quickly that software as a service and cloud computing are the future computing infrastructures IT must secure.
Hackers continue to bore holes in Web browsers, exploiting users with social engineering tricks to gain unauthorized access to systems and data.