Despite the tremendous flexibility and efficiency benefits that come with virtualization, this powerful innovation has also carried with it the potential to weaken an organization's security posture. It produces this unintended and undesired result by creating an environment in which it is very easy to make changes that can adversely impact availability and compliance. Still, many enterprises are moving to take advantage of virtualization but only when it comes to certain applications and services. Unfortunately, the applications that are business critical and that contain sensitive information are more likely to be left out of the discussion because of concerns about security. Up to this point, these security potholes have made virtualization a road less traveled for sensitive applications.
This white paper discusses not only the security concerns that accompany virtualization but also an effective approach for protecting critical data and services while still enjoying the benefits of virtualization. The key to balancing benefit while minimizing risk comes in the form of effective IT change management. This protection becomes even more crucial when one thinks about a fundamental truth regarding virtualization, i.e. it expands the possibilities for a wide variety of those within IT to be able to implement changes that might undermine security. Being able to monitor day-to-day alterations in a virtualized environment equips managers not only with stronger controls but gives them flexibility in being able to deploy servers while receiving timely alerts and reports on changes to server settings. As valuable as this capability is, there are technologies now available that not only zero in on situations where security policies are being challenged but that block unauthorized or unwanted changes. These kinds of breakthroughs help pave over those security potholes, turning the road less traveled into a secure pathway to productivity.