– Todd Tucker, senior security strategist at NetIQ (www.netiq.com), says:
Being able to rapidly provision a new system, and then replicate it, can be a a nightmare for those tasked with ensuring the confidentiality of that data. Worse still is the potential for virtual systems to be attacked by another virtual system residing on the same physical host. Such intra-system attacks represent specific challenges, which are distinct from traditional attacks, and require the virtual systems to be very well protected against a range of tailored, complex threats.
While security teams have for a long time relied upon well documented and enforced processes and procedures to help control the way systems are provisioned and user access rights are associated with those managed systems, such procedures are simply incapable of providing the rapid response that the automated and virtualized world demands. As one security professional put it, “how can I maintain control of systems that could literally appear and disappear from my infrastructure during the course of a lunch break?”
Most worrying is that the people who target and perpetrate attacks on corporate data stores often succeed as a direct result of their ability to circumvent, or defeat, the change detection and control practices. Although change detection procedures are put in place to reduce the risk of unmanaged changes, external threats introduce the danger that security controls will be weakened or system integrity impacted.
If the pace of virtualization adoption, and the rapid result of change is also accelerating, how can organizations begin to address the hidden and potentially significant costs associated with all this frenetic activity? Simply hiring more people to try to keep up is not a realistic option in the short term, nor is it scalable in the long run.
The answer is surprisingly simple.
Security teams, and their IT operations counterparts, have decided it’s time to fight fire with fire. Many are now looking at harnessing the very same automation technologies and approaches in order to pump new life into their existing management and security processes. So rather than simply attempting to keep pace with an ever-changing world, they are adapting the existing manual process to be more fully automated.