Sense of Security is one of Australia’s most trusted providers of cyber resilience, information security and risk management services.

Latest announcements
© Copyright Sense of Security
Cyber Security Services

Virtualisation security

Running virtualisation software can make a huge difference to your total technology stack. It can reduce costs, increased operational efficiency and create far more operational flexibility.

However, this technology introduces a virtualisation layer that itself becomes a potential avenue of attack for the virtual services being hosted.

Because a single host system can house multiple virtual machines, the security of that host becomes critical in maintaining the confidentiality, integrity and availability of your systems and data.

Understanding virtualisation security

While virtualisation technology has been deployed extensively for around two decades now, the commercial offerings are rapidly being updated to address new requirements such as micro-segmentation, software-defined networking, and a plethora or cloud, private-cloud and hybrid-cloud deployments. This technology is incredibly powerful, however, often poorly understood from a security perspective, and rarely implemented correctly in enterprise environments without jeopardising the organisations security posture.

With a focus now on automation, infrastructure-as-code (iac) is becoming part of most new and revised virtualisation deployments. The speed at which environments can be provisioned is quite amazing, but this also means that if security vulnerabilities enter into the workflows they can just as rapidly be distributed across compute environments. While virtualisation was previously in the realm exclusively of the networking and infrastructure teams, it is now incorporating software development because the environments are provisioned and managed through a range of processes that have their roots in code. Accordingly the focus now needs to  be “Shift Left” meaning that the attention to security needs to be closer the source of the data, including all artefacts that are relied upon for the integrity of the architecture and networking controls.

As a result, there are several security considerations which differ from the physical world. These include but not limited to:

  • network architecture
  • zones of trust, network segmentation, and access control
  • virtual switches and networking
  • virtual appliances
  • mobile servers
  • patch application and management
  • intrusion detection and prevention
  • definition of roles and responsibilities
  • storage
  • automation through infrastructure as code

Find out how our leading security services can help your organisation with virtualisation.

Speak to one of our trusted cyber experts
on 1300 922 923 or make an enquiry today.