How to Secure Privileged Information within Virtualized Infrastructures - Testing for Business Continuity
6. Testing for business continuity
With a dramatically greater number of credentials to manage within a virtual environment, promptly recovering from an outage becomes significantly harder. Security solutions must be able to supply the credentials that were in place on numerous VMs at a specific point in time, then synchronize the system to those earlier credentials so that operations can resume.
To protect and manage virtualized information, automated privileged account management solutions can provide specific functionality that helps an enterprise revert credentials to the value that was in effect at the time of a backup or snapshot.
For example, the enterprise
management console for a virtual environment can alert the access
manager when to revert a credential to a previous value and update it.
Ultimately, this ensures recovery and seamless security going forward.
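The point-in-time lookup described above, as an added example (not code from the article or from any vendor's product): a vault keeps each account's rotation history and, when told a VM was reverted to a snapshot, works out which credential version the guest now holds. The class, function, VM and account names and the timestamps are constructed for illustration.

```python
import bisect

class CredentialHistory:
    """One account's secret versions by effective time; holds opaque vault references only."""

    def __init__(self):
        self._times = []   # epoch seconds, strictly ascending
        self._refs = []    # vault reference for the version effective from _times[i]

    def record_rotation(self, at, ref):
        if self._times and at <= self._times[-1]:
            raise ValueError("rotations must be recorded in time order")
        self._times.append(at)
        self._refs.append(ref)

    def in_effect_at(self, t):
        """Reference of the version valid at time t, or None if the account did not exist yet."""
        i = bisect.bisect_right(self._times, t) - 1
        return self._refs[i] if i >= 0 else None

    def current(self):
        return self._refs[-1]


def plan_snapshot_revert(vault, vm, snapshot_time):
    """Per account on `vm`, decide the action after a revert alert; vault maps (vm, account) -> history."""
    plan = {}
    for (owner, account), history in sorted(vault.items()):
        if owner != vm:
            continue
        on_guest = history.in_effect_at(snapshot_time)
        if on_guest is None:
            plan[account] = ("absent", None)          # account created after the snapshot
        elif on_guest == history.current():
            plan[account] = ("in_sync", on_guest)     # no rotation since the snapshot
        else:
            plan[account] = ("revert_then_rotate", on_guest)  # log in with old value, then update
    return plan


def build_sample_vault():
    """Constructed sample data; timestamps are epoch seconds."""
    rotations = [("vm-app01", "root", 1000, "root-v1"), ("vm-app01", "root", 2000, "root-v2"),
                 ("vm-app01", "root", 3000, "root-v3"), ("vm-app01", "svc_backup", 1200, "svc-v1"),
                 ("vm-app01", "dbadmin", 2800, "dba-v1"), ("vm-db02", "root", 900, "db02-root-v1")]
    vault = {}
    for vm, account, at, ref in rotations:
        vault.setdefault((vm, account), CredentialHistory()).record_rotation(at, ref)
    return vault
```

Accounts marked revert_then_rotate are the ones where the vault's current value no longer matches the guest, so the old value is needed once to log in and set a fresh one.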
Final thoughts
Virtual environments have multiple
business benefits, but also raise many new security and management
challenges. Companies today must consider the dynamic nature of VMs and
their potential impact on access credentials when implementing access
controls in a virtual environment. However, with some advance
planning, they can avoid new security vulnerabilities and protect their
business-critical information in a virtualized environment.
Advances in security technologies
can help companies automate many of the activities associated with
deploying—and securing—a virtual infrastructure and the applications
that operate within it. Organizations need to explore the challenges of
VM, device, operating system and application authentication and
authorization—particularly when faced with audit or regulatory pressure
to maintain access controls for privileged accounts and information. In
summary, remember these three points:
1. Automation provides the opportunity to enhance the security posture for an enterprise, rather than degrade it.
2. Operating in a virtual environment should not require an enterprise to ignore critical security practices.
3. Cloning a VM should not mean
that all the credentials on that machine are duplicated; doing so
increases the risk that a credential could be compromised.
Robert Grapes is Chief Technologist at Cloakware.
Robert has more than 17 years of professional experience in the
technology sector. Prior to joining Cloakware in 2004, Robert worked at
Entrust Technologies as a software toolkit product manager, at Cognos
in vertical analyst relations, and at Allen-Bradley as a control
systems automation developer. Robert's expertise on enterprise security
and Governance, Risk Management and Compliance (GRC) has enabled many
government and financial service organizations to meet their audit
requirements for PCI-DSS, FISMA, FERC and other regulations. He can be
reached at robert.grapes@cloakware.com.