Close
  • Latest News
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Logo
Logo
  • Latest News
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Home Cybersecurity
    • Cybersecurity
    • Networking
    • Storage
    • Virtualization

    Security Lacking in Most Virtualized IT Environments, Survey Says

    By
    Fahmida Y. Rashid
    -
    November 29, 2010
    Share
    Facebook
    Twitter
    Linkedin

      A report on virtual security management underscores the wide gap between what needs to be done to secure virtualized environments and what IT managers are actually doing, said CA Technologies on Nov. 29.

      Business and IT executives across 15 countries reported serious security concerns about data sprawl, hypervisor privilege, and other privacy and compliance issues in their virtual environment.

      Organizations need to “address the current IT and security management silos and to help simplify the complexity of virtual environments,” said Shirief Nosseir, a product marketing director for the EMEA region in the Security Management group at CA.

      A significant majority, or 81 percent, of the executives felt that data sprawl, or the risk of data moving around virtual systems without control and ending up in less secure environments, is the biggest threat, according to the report. While data loss prevention programs can effectively address data sprawl, the survey found that only 38 percent of surveyed organizations have actually implemented the strategy.

      Hypervisor privileges pose other concerns. The administrator accounts on hypervisors generally have extensive access privileges with very few limitations and security controls. The study found that 73 percent of surveyed organizations are concerned about the privileges granted to hypervisors and the potential for abuse by users with administrative control. However, 49 percent of those concerned companies have not implemented any privileged user management or security log management systems to mitigate the risk, the survey found.

      Even though the majority of the business and IT leaders said virtualization would help improve IT operational efficiency, security remains a concern, with 39 percent saying virtual environments are more difficult to secure than physical environments.

      Almost 85 percent of the organizations said “cloud privacy and compliance issues” and “cloud security issues” inhibit plans to move from virtual environments to a private cloud, the report said.

      About a fifth of the companies in the survey said their IT staff does not have the skills or funds to implement security in a virtual environment, researchers found. About half, or 55 percent, of those organizations cited budgetary restraints and the “upfront cost” of implementation, and 53 percent named the “complexity of managing security across virtual environments and platforms.”

      While over 84 percent of the surveyed managers prefer integrated products that seamlessly secure physical and virtual environments, just over half, or 56 percent, actually have implemented, or are in the process of implementing, such systems, the researchers found.

      While automation is considered important to secure virtual environments, integrating security management with infrastructure management or with incident and problem management do not appear highly important for most respondents, according to the report.

      Organizations will “struggle to automate their processes and reap the real rewards of virtualization,” said Nosseir.

      Despite all the interest around virtualization, it is not yet the standard for production environments. Only 34 percent of the participating companies have deployed server virtualization for more than 50 percent of their systems, the researchers found. The companies have rolled out even less for other types of virtualization, such as storage, application and desktop, the researchers said. For example, only 8 percent of the organizations in the report has desktop virtualization for more than 50 percent of the enterprise, according to the report.

      “Despite the rapid growth in server virtualization, many organizations still have quite a way to go before they reach the level of maturity and automation required to reap the true benefits of virtualization,” said Nosseir.

      Only 65 percent of the business managers enforced a separation of duties for administrative tasks across virtual platforms, the report said. More than 40 percent of the surveyed executives claimed to not use automation tools for access certification, privileged user management or log management, according to the study. In fact, only 42 percent perform regular access certifications for privileged users or are able to adequately monitor and log privileged access, researchers found.

      Automation technologies that can mitigate risks from privileged access in virtualized environments are “not yet widely deployed,” said Nosseir.

      The virtualization security report, “Security-An Essential Prerequisite for Success in Virtualization,” surveyed 335 senior business and IT executives in Europe and the United States, CA said. The countries included Belgium, Denmark, Finland, France, Germany, Italy, Luxemburg, Netherlands, Norway, Portugal, Spain, Sweden, Switzerland, the United Kingdom and the United States.

      Most organizations have at least two different virtualization technologies in their environment. VMware remains the most prevalent, deployed by 83 percent of the respondents, followed by Citrix at 52 percent. About 41 percent run Microsoft’s hypervisors, namely Hyper-V, according to the report.

      Fahmida Y. Rashid

      MOST POPULAR ARTICLES

      Big Data and Analytics

      Alteryx’s Suresh Vittal on the Democratization of...

      James Maguire - May 31, 2022 0
      I spoke with Suresh Vittal, Chief Product Officer at Alteryx, about the industry mega-shift toward making data analytics tools accessible to a company’s complete...
      Read more
      Cybersecurity

      Visa’s Michael Jabbara on Cybersecurity and Digital...

      James Maguire - May 17, 2022 0
      I spoke with Michael Jabbara, VP and Global Head of Fraud Services at Visa, about the cybersecurity technology used to ensure the safe transfer...
      Read more
      Cloud

      IGEL CEO Jed Ayres on Edge and...

      James Maguire - June 14, 2022 0
      I spoke with Jed Ayres, CEO of IGEL, about the endpoint sector, and an open source OS for the cloud; we also spoke about...
      Read more
      Applications

      Cisco’s Thimaya Subaiya on Customer Experience in...

      James Maguire - May 10, 2022 0
      I spoke with Thimaya Subaiya, SVP and GM of Global Customer Experience at Cisco, about the factors that create good customer experience – and...
      Read more
      Big Data and Analytics

      GoodData CEO Roman Stanek on Business Intelligence...

      James Maguire - May 4, 2022 0
      I spoke with Roman Stanek, CEO of GoodData, about business intelligence, data as a service, and the frustration that many executives have with data...
      Read more
      Logo

      eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site’s focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Advertisers

      Advertise with TechnologyAdvice on eWeek and our other IT-focused platforms.

      Advertise with Us

      Menu

      • About eWeek
      • Subscribe to our Newsletter
      • Latest News

      Our Brands

      • Privacy Policy
      • Terms
      • About
      • Contact
      • Advertise
      • Sitemap
      • California – Do Not Sell My Information

      Property of TechnologyAdvice.
      © 2022 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

      ×