By: Mark Gaydos
I was reading an article in InformationWeek called Time To Halt VM Sprawl. And the question I pondered was “are virtual servers less secure or are the processes surrounding virtualization less secure”? After thinking about this I realized it doesn’t really matter!
Most of the bloggers, press and pundits I read say that virtual servers are just as secure as physical ones. However, if the processes used to manage virtualization are inherently less disciplined and more dynamic, AND result in less secure processes, it really doesn’t matter. Virtualization is then less secure than physical counter parts. You can point at the people and say it’s their fault, which is no doubt true, but if the technology requires new levels of discipline and process than that better be acknowledged.
The saying that guns don’t kill people…. people kill people came to mind. Sure, virtualization may be secure but if people can do more crazy (read non-secure) things with the technology than IT management better belly up to the bar and accept this…………. and put processes in place. Just like guns need special handling maybe so does virtualization. It’s about respecting the power of our inventions.