By now, anyone who uses a computer of any kind has heard of the cloud. However, terms such as “cloud virtualization” and “VDI” still might be a bit of a mystery; even the very nature of the cloud itself might be somewhat nebulous. When it comes to protecting your data and yourself, knowledge is indeed power. In order to choose the best server security it’s imperative to understand how virtualization and the cloud work.
Traditional servers – the physical machines that host applications and files – have distinct disadvantages. Servers take up space and generate heat; they also generally use only a small percentage of their total processing capabilities. Server virtualization utilizes this unused processing power through software that allows a virtual server to run its own operating system on an existing physical server. The result is two servers taking up the same physical space as one server.
Security for virtual servers comes with its own set of challenges; there are several key points that need to be addressed. First, virtual servers can now be easily migrated but traditional security is unable to be moved along with it. Second, the processing power needed for optimal protection slows down overall performance. A startling majority of IT professionals have admitted to disabling security features to facilitate faster performance. Third, traditional security is reactive, whereas virtual servers need it to be proactive. Attacks need to be stopped before they happen, not patched afterward. Finally, not only must security keep up with ever-evolving technology but IT techs need to as well. Businesses need IT professionals who are versed in the needs of virtual servers in order to safely and effectively move forward with virtualization.
VDI (Virtual Desktop Infrastructure)
Also sometimes referred to as desktop virtualization, VDI is simply a desktop operating system hosted on a centralized server. The term VDI is often associated with VMWare VDI, considered to be the industry standard for the virtualization platform. VDI allows users “anywhere access” on thin client machines – network computers. Changes can be made globally and instantly, making VDI an extremely efficient way for companies to get things done.
VDI has its own unique security challenges as well. Yinal Ozkan, a security industry commentator at RSAConference.com, points out the complexity of VDI security demands. There are many different areas that need security including the server, the network, storage and the desktop itself. Endpoint security on thin client machines must also be addressed.
The Cloud – Public and Private
So what exactly is the cloud? The cloud is basically the physical/virtual location where information, files and applications are stored. Cloud computing is the process of users accessing this remotely, generally through the internet. Anything a user stores or uses that is not on a user’s own hard drive or device is most likely in the cloud.
Clouds can be public or private. Examples of public clouds are social media networks and huge retail businesses. The public cloud is often used for tasks such as media storage, system backup, file sharing, banking, communications and email. Private clouds operate in the same way but are used only by one organization or company instead of by the public. There are also permutations of public and private clouds. A community cloud is similar to the private cloud, but is shared by several companies or organizations instead of just one. A hybrid cloud is simply two or more clouds bound together. Hybrid clouds can be public, private, community or a combination of any three types of cloud.
Because of the nature of the cloud and cloud computing, the cloud has a very specific set of security vulnerabilities and challenges. These challenges include compromised data and information leaks, bugs being introduced through applications, denial of service attacks and targeted attacks. Luckily, there are security solutions specially designed for cloud computing. Self-defending virtual machines along with data protection and encryption are highly effective cloud security measures.
No matter where you or your business might be on the road to virtualization and the cloud, it’s important to know the security risks along the way. Equally important is knowing there are proven security measures that can keep your servers and your users safe.
About the Author: Contributing blogger Anderson Scott is an IT security consultant. When not writing about virtualization, Anderson enjoys following the latest communication trends in computing.