Wednesday, January 24, 2007

Virtualization – Virtual Security nightmare?

I keep hearing and reading about server virtualization, server consolidation, maximizing server resources, blah blah blah. The point of it is – I have a bunch of servers, that I paid for, not doing anything, so if I consolidate the underused servers onto a better or more efficiently used server I will save money in maintenance, capital costs, and power, A/C and all of the other data center costs.

The issue I see that drains the blood from every CIO’s face I’ve had the pleasure of discussing this with is – how are you going to manage access and secure all of those apps on the same server now? Identity management apps? VLANs? SSO? I thought you were trying to be more efficient...

There is better way. Here is what you do…

For 1,000 users, it will cost you about $100/user, which is less than the $182 per record it will cost you in a breach.

You install some software, two appliances, highly available and redundant in front of these virtualized efficiently humming boxes, and control who can SEE and who has access to each application based on who they are, what machine they’re using, and whether or not they’re at Starbucks, a hotel, or on your LAN.

Every user, every machine. Installed in 4 hours, policies set, audited and deployed in less than a week.

For about $100/user. No changes to your directory, no changes to your infrastructure, maintaining access control by app even when consolidated. Think I’m full of it?

You gotta ask yourself – in all this worrying about virtualization what did I do to my security program – did I cover myself. Well? Did I?

I have you covered -


Post a Comment

<< Home