How to secure Virtual Servers in Data Centers
Nowadays, virtual servers are the new normal for efficient utilization of hardware computing resources in Data Centers. While discussing virtual servers' requirements and security with server administrators, they generally hard to accept any security risks in virtual servers.
I am trying to list out security risks and corresponding mitigations. This list I am using while doing virtualization security assessments.
|Unmanaged VMs||Documentation of Virtualization infrastructure is the key. If the admin document the virtualization architecture, it is very easy to identify unmanaged VMs while auditing.|
|Unpatched Hypervisor||Identify the version of the virtualization infrastructure and patched it. Patch management policy should be documented and implement.|
|Misconfigured services||Disable services that are not required. Configuration management should be documented.|
|User Management||Effective control policy should be there for user creation and deletion.|
|Performance issues in VMs||Internal periodic performance review is required to assess resource requirement by each VMs|
|Data loss on VM failiure||Data backup policy should be documented and implemented properly.|
|Uncontrolled provisioning and deprovisioning of new VMs||Proper policy should be documented and implemented for provisioning and de-provisioning of VMs|
|Sensitive data in VMs||Encryption and logging is the key. Use cryptography techniques to secure data. Logging critical events.
Must understand the proper balance between security and performance.
|Easy cloning of VMs||Control creation, storage, and use of VMs by documenting the process and implement.|
|Leaking of data in motion||Use of secure protocols while transmission of data between VMs.|
Virtualization is a great technology, but it will be a risk if not used with utmost care. Use a security benchmark for the hardening of virtual infrastructure. Virtualization management policy documentation is the key to secure data centers.
Subscribe us to receive more such articles updates in your email.
If you have any questions, feel free to ask in the comments section below. Nothing gives me greater joy than helping my readers!
Disclaimer: This tutorial is for educational purpose only. Individual is solely responsible for any illegal act.