find the latest legal job
Senior Associate - Competition, Policy & Regulatory
Category: Other | Location: Sydney CBD, Inner West & Eastern Suburbs Sydney NSW
· Work with a well regarded Partner · Sydney CBD
View details
Commercial Litigation Senior Associate
Category: Litigation and Dispute Resolution | Location: Sydney CBD, Inner West & Eastern Suburbs Sydney NSW
· Lawyers Weekly Australia Partner of the Year 2016, Insolvency
View details
MULTIPLEX Regional Legal Counsel (Vic) | 7 to 10 years + PQE
Category: Generalists - In House | Location: Melbourne CBD & Inner Suburbs Melbourne VIC
· Career defining in-house role · Tier One international contractor
View details
Junior Lawyer - Personal Injury Law
Category: Personal Injury Law | Location: Parramatta & Western Suburbs Sydney NSW
· Highly specialized practice · Challenging role with great opportunities
View details
IR Advisor/Member Advocate
Category: Industrial Relations and Employment Law | Location: St Leonards NSW 2065
· Permanent (0.8-1.0 FTE) role in a developing team
View details
Warning given about virtualisation security (1)

Warning given about virtualisation security (1)

ALTHOUGH THE FIELD of virtualisation is still young, there is already emerging concern that organisations are at risk of overlooking the opportunity to create

ALTHOUGH THE FIELD of virtualisation is still young, there is already emerging concern that organisations are at risk of overlooking the opportunity to create a safe environment in the early stages of deployment.

This is one of the findings in a new report by US-based IT management research firm Enterprise Management Associates (EMA). The study, Virtualisation Security: The Early Stages of a New Battleground, has identified a number of potentially serious threats against virtualisation security, including so-called VM (virtual machine) escapes, solution-specific threats and traditional attacks.

"These threats, combined with vulnerabilities in virtualisation, are cause for alarm," said EMA security and risk management analyst Mike Montecillo. "Although many organisations extend security-enhancing measures to the virtualised environment, the numbers decreased when the techniques became more specific to virtualisation."

Nearly two-thirds of survey respondents extend configuration and change controls to the virtualised environment. The lowest numbers in the survey, however, related to questions regarding specific controls to the hypervisor (an emerging virtualisation platform that allows multiple operating systems to run on a host computer at the same time). Only 26 per cent of respondents said they have security controls in place to prevent hypervisor threats. In addition, only 17 per cent said they leverage measures to detect these types of threats.

"A disciplined approach to IT management reduces risk while yielding business benefits across multiple interests - and nowhere is this more the case than in virtualisation," Montecillo said. "Security is no exception, and may in fact be one of the greatest beneficiaries of a disciplined approach to virtual systems management."

Many of today's gaps and potential security risks of virtualisation are related directly to the maturity and effectiveness of management. In earlier EMA studies which focused on the effectiveness of IT risk control, the highest performers were found to have four cardinal virtues in common: they define IT risk management and compliance objectives; they actually implement them; they investigate the environment to monitor and assess their effectiveness; and they enforce adherence to requirements through education and positive incentives, as well as through negative consequences for deviations.

Montecillo believes the key to any security strategy is to simplify the approach. "Virtualisation is at the forefront of many security professionals' minds. Unfortunately, it has become very difficult to create a strategy that addresses the real security issues without being drawn in by the hype and publicity, which has created an awareness based on a warning, rather than an actual real-world threat.

"By becoming aware of the environments in which virtual technologies operate, and understanding the technology itself, enterprises can develop and properly implement an effective virtualisation security strategy and attain the full benefits of virtualisation," he said.

Like this story? Read more:

QLS condemns actions of disgraced lawyer as ‘stain on the profession’

NSW proposes big justice reforms to target risk of reoffending

The legal budget breakdown 2017

Warning given about virtualisation security (1)
lawyersweekly logo
Promoted content
Recommended by Spike Native Network
more from lawyers weekly
Human body, illegal organ trafficking, ALHR
Sep 22 2017
Australia poised to combat illegal organ harvesting: ALHR
The Australian Lawyers for Human Rights are calling for changes to the law so that organ trafficking...
Online service, barristers, BarristerSELECT, Stephen Foley
Sep 22 2017
New online service leverages barristers’ clerks to aid briefing
A new online tool has been launched to help NSW solicitors find the most suitable barristers for the...
NSW District Court judge, Tim Gartelmann SC, next appointment,
Sep 22 2017
Silk replaces outgoing NSW District Court judge
A barrister has been named as the next appointment to the NSW District Court, following the retireme...
APPOINTMENTS
Allens managing partner Richard Spurio, image courtesy Allens' website
Jun 21 2017
Promo season at Allens
A group of lawyers at Allens have received promotions across its PNG and Australian offices. ...
May 11 2017
Partner exits for in-house role
A Victorian lawyer has left the partnership of a national firm to start a new gig with state governm...
Esteban Gomez
May 11 2017
National firm recruits ‘major asset’
A national law firm has announced it has appointed a new corporate partner who brings over 15 years'...
opinion
Nicole Rich
May 16 2017
Access to justice for young transgender Australians
Reform is looming for the process that young transgender Australians and their families must current...
Geoff Roberson
May 11 2017
The lighter side of the law: when law and comedy collide
On the face of it, there doesn’t seem to be much that is amusing about the law, writes Geoff Rober...
Help
May 10 2017
Advocate’s immunity – without fear or without favour but not both
On 29 March 2017, the High Court handed down its decision in David Kendirjian v Eugene Lepore & ...