Address These Risks to Ensure Your Virtual Machines Are Secure
Most enterprises have switched to using virtual machines (VMs), as VMs let them make better use of the capacity on physical servers. Along with this approach come new security risks that need to be managed.
- Trojaned virtual machines. Install a prebuilt virtual machine and you install everything in it, including malware. This presents a particular risk for cloud environments, where preconfigured VMs are often the easiest way to bring up a standardized instance.
- Isolation failures. Each virtual machine is supposed to be completely isolated from other VMs running on the same physical box. Errors in how this isolation is implemented can potentially expose the data from a VM. These errors can arise from problems in the underlying operating system or from the hypervisor. Risks are increased when VMs with different trust levels execute on the same physical server.
- Buggy, unpatched hypervisors. The hypervisors that provide the virtual environments are not guaranteed to be bug-free. Like any other software, they can present vulnerabilities that hackers can exploit. Keeping hypervisors up to date with their patches is as important for security as keeping operating systems up to date, but many organizations struggle with patch management.
- Incorrect hypervisor configurations. Even hypervisors that have all current security patches can present security risks if they are incorrectly configured. In particular, hypervisors need to be secured from unauthorized access via untrusted networks.
- Misconfigured firewalls. If a firewall is misconfigured, traffic may be seen by the incorrect VM. There’s often a lack of visibility into the traffic between VMs, making it even harder to ensure proper network controls.
- Unprotected offline VM images. When a VM is backed up, the image contains all the data that was in the VM’s memory, including sensitive personally identifiable information such as social security numbers. In addition, offline VMs aren’t kept up to date with security patches and present risks when they’re brought back online.
- Out of control VM sprawl. Because virtual machines make it easy to create new servers, they’re often created to provide independent development and test environments. It’s easy for businesses to end up with large numbers of VMs that can’t effectively be managed, monitored, or and maintained.
Protecting Virtual Machines
The risks introduced by VMs can be mitigated by using appropriate monitoring and management tools and procedures similar to those used to protect physical servers. VM networks can be separated from management networks. Businesses should be cautious about introducing third-party hypervisor add-ons to their environment.
In addition, VM-specific tools can be used, such as AppDefense for VMware virtual machines. AppDefense uses whitelisting and allows businesses to restrict the operations allowed on virtual servers and can quarantine an instance and generate an alert when it detect unexpected behaviors.
Prescient Solutions offers expert IT consulting and managed services to businesses in Chicago and Schaumburg. Our team holds VMware and security certifications and will work to ensure your configuration is secure and efficient. Contact us to learn more about how IT services from Prescient Solutions can make your IT contribute to your business success.