Virtualisation is unquestionably compelling technology. It has the potential to link IT and business at the core by providing improved flexibility, resource efficiency and continuity capabilities, thereby fulfilling the agility, cost, quality and risk requirements of today’s enterprises. Moreover, in leveraging virtualisation technology, IT departments can approach 100 percent utilisation of a physical server, which can reduce operational costs associated with floor space, personnel, bandwidth and power and cooling.
While the benefits of virtualisation are often publicised, the challenges it creates don’t always get the same attention – especially when it comes to security. One reason for that is, over the past fifty years, security for strictly physical IT operations has become well established. Whether one is talking about identity management, application security, access and information control or user activity logging and reporting, the majority of physical servers out there are being protected effectively. They have years of process evolution and best practices to thank for that.
Effective virtual server security, however, is not as ubiquitous, fact which becomes apparent when one examines the fundamental differences between physical and virtual servers. Whereas organisations can stack servers away in a room and protect them from unwanted access with physical controls – unsecured virtual servers can be cut, copied and pasted from the virtualisation host as easily as a file on a PC. Additionally, and for better or worse, with the hypervisor serving as a single management point for all virtual machine (VM) images, a person with hypervisor access suddenly has control over many business-critical services.
Compromising the hypervisor to download an image or introduce a rogue VM is equivalent to breaking into a server room and stealing a machine or introducing an unauthorised server into the data centre. Virtualisation consoles can be accessed with the right privileges; and native operating system security does not provide the protection required to meet regulatory compliance and security best practices.
What can organisations do to secure a virtualised environment? They can take the following three steps:
• Managing roles, identities and applications.
• Controlling the access of privileged users.
• Improve auditability and compliance.
Roles, identities and applications
When identities are not managed well in the physical world, the access problems this creates increase exponentially when moved to a virtualised environment. Organisations can counteract this by leveraging software that clearly defines and manages user’s roles and coordinates with an identity management solution to help ensure that users are only granted privileges appropriate to their positions. With such a solution in place, uncontrolled, over-privileged users become a thing of the past – as does their ability to wreak havoc on business-critical systems and applications in a virtual environment.
The other side of the security spectrum is the need to manage secure access to applications by users, as well as other applications or services. In a virtualised environment, application servers will go on and off-line as computing demands ebb and flow.
Controlling privileged users
In a strictly physical IT infrastructure, normal users are identified and controlled by the operating system and application security. They may make mistakes or attempt misuse, but provided the controls are set correctly, they cannot breach confidentiality or damage the system. In contrast, privileged user access goes above operating system security with a username and/or password that is often shared between administrators – essentially turning it into an anonymous, communal ID.
Virtualisation compounds this problem. Since administrators have control over the physical host and all of the virtual sessions running on it, they also have access to sensitive data and can impact business continuity.
Without an independent access control solution, multiple privileged users could get into the hypervisor and copy VM images – along with the data and applications they hold. These images could be brought back online on an unsecured network (e.g. for quality assurance and development purposes), making it easy for an intruder to access the contents within. Organisations can avoid this nightmare by implementing an access control solution that provides the ability to dynamically limit the permissions of normal and privileged users in a virtualised environment.
Auditability and compliance
Given the power a virtualisation platform has over the stability of an entire data centre – as well as the integrity of the data it manages – it must be viewed as a critical infrastructure component. As such, it should be subject to the same compliance requirements as a physical environment. Therefore, businesses must track the interaction that each user has with the virtualisation platform, as well as within each of the VMs it hosts.
Companies hoping to achieve compliance in the virtualisation age need a solution that tracks and audits access to the host operating system. What’s more, this solution needs to support auditability across all VMs, as every instance is subject to the same compliance requirements.
For more information contact Michael Horn (CISSP), CA Southern Africa, +27 (0)11 417 8765, [email protected].
© Technews Publishing (Pty) Ltd. | All Rights Reserved.