Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

BLOG: Virtualisation and cloud – What to fear and what to embrace?

Jones Leung | Sept. 2, 2013
Virtual machines bring enormous benefit to the organisation. However, they have the potential to lead to painful security challenges as well.

It is also important to realise that these are not far-fetched, worst-case scenarios. The reality is that the higher value the target, the more customised and sophisticated the attack becomes. For an attacker, the data centre represents the crown jewels, offering access not only to vast amounts of data, but also some of the organisation's most sensitive and valuable assets. This creates a very real and troubling situation in which some of the most sophisticated attacks are being directed against resources where our security discipline and controls have potentially slipped.

For this reason alone, it is critically important that we design modern security controls into our virtualised data centres. Policies and enforcement must move seamlessly with virtual machines without fail. Just as importantly, we have to make sure that those controls are up to the task of managing modern traffic and threats, including evasive traffic, unknown threats and policies that can be enforced based on application and user context. Without this focus, we simply trade security for performance, which is not profitable in the long run.

Jones Leung is Systems Engineering Manager, Greater China, Palo Alto Networks.


[1] Forrester Consulting. Enabling The Virtual Data Center In Asia: Business Continuity And Disaster Recovery Drive Investment Strategies. July 2013.

[2] Rackspace. Cloud adoption high in Hong Kong at 84%, but full potential unrealized, finds Rackspace study. 17 July 2013. Web. <http://www.rackspace.com.hk/press-releases/cloud-adoption-high-hong-kong-84-full-potential-unrealized-finds-rackspace-study>

[3] Palo Alto Networks. Application Usage and Threat Report, Asia Pacific. March 2013. Web. < http://media.paloaltonetworks.com/documents/Application-Usage-and-Risk-Report-Mar2013-regionalfindings.pdf>  

[4]  Palo Alto Networks. Application Usage and Threat Report, Asia Pacific. March 2013. Web. < http://media.paloaltonetworks.com/documents/Application-Usage-and-Risk-Report-Mar2013-regionalfindings.pdf>  

[5]  Palo Alto Networks. Application Usage and Threat Report, Asia Pacific. March 2013. Web. < http://media.paloaltonetworks.com/documents/Application-Usage-and-Risk-Report-Mar2013-regionalfindings.pdf>  

 

 

Previous Page  1  2 

Sign up for Computerworld eNewsletters.