Testing for Business Continuity
6. Testing for business continuity
With a dramatically greater number of credentials that need to be managed within a virtual environment, the challenge of promptly recovering from an outage increases significantly. Security solutions must be able to provide credentials for numerous VMs in place at a specific point in time, and synchronize the system to reflect those previous credentials and resume operations.
To protect and manage virtualized information, automated privileged account management solutions can provide specific functionality that helps an enterprise revert credentials back to the value-in effect, at the time of a backup or snapshot.
For example, the enterprise management console for a virtual environment can alert the access manager when to revert a credential to a previous value and update it. Ultimately, this ensures recovery and seamless security going forward.
Virtual environments have multiple business benefits, but also raise many new security and management challenges. Companies today must consider the dynamic nature of VMs and their potential impact on access credentials when implementing access controls in a virtual environment. However, with some advanced planning, they can avoid new security vulnerabilities and protect their business-critical information in a virtualized environment.
Advances in security technologies can help companies automate many of the activities associated with deploying-and securing-a virtual infrastructure and the applications that operate within it. Organizations need to explore the challenges of VM, device, operating system and application authentication and authorization-particularly when faced with audit or regulatory pressure to maintain access controls for privileged accounts and information. In summary, remember these three points:
1. Automation provides the opportunity to enhance the security posture for an enterprise, rather than degrade it.
2. Operating in a virtual environment should not require an enterprise to ignore critical security practices.
3. Cloning a VM should not mean that all the credentials on that machine are duplicated; doing so increases the risk that a credential could be compromised.
Robert Grapes is Chief Technologist at Cloakware. Robert has more than 17 years of professional experience in the technology sector. Prior to joining Cloakware in 2004, Robert worked at Entrust Technologies as a software toolkit product manager, at Cognos in vertical analyst relations, and at Allen-Bradley as a control systems automation developer. Robert's expertise on enterprise security and Governance, Risk Management and Compliance (GRC) has enabled many government and financial service organizations to meet their audit requirements for PCI-DSS, FISMA, FERC and other regulations. He can be reached at firstname.lastname@example.org.