The 3/8 Virtualization Security Podcast held a discussion on the happenings as the 2012 RSA Conference in San Francisco as well as a discussion of the features of Bitdefender’s entry into the virtualization and cloud space with their SVE product. RSA Conference high lights not just those security tools for the virtualization and cloud spaces but the entire industry and each year there is always a common theme. Was there one this year? Was there any surprises at the conference?
Virtualization and Cloud Security architects, pundits, and writers like myself often talk about protecting the data within the virtual and cloud environments. However, in order to protect that data we need to be able to determine how the data will be used, accessed, modified, and eventually removed. So, how can we understand data security without understanding the application around it. But there is an even more fundamental problem, how do we define the application and the security measures we should take?
When you read many blogs and articles on cloud security, writers such as myself often mention jurisdictional issues as a big problem. Nor is the ability to Audit clouds the only problem. Yet both of these are huge issues for clouds today, but fundamentally, is the cloud flawed from a security point of view or are there plenty of security mechanisms available?
Christmas is over and New Years is on its way. A time to make resolutions and see the year complete. A time to review what is old and plan for the future. This is a perfect time to review your defense in depth and look to see if there are security additions needed in 2012. So what cloud and virtualization security New Years resolutions should I make for 2012?
2011 saw a shift in how virtualization security was viewed and it showed in the way companies teamed up to address those needs. Even so, the most basic of issues still exist: The thought that once you virtualize you are more secure, and the lack of general protection for the management constructs of a virtual or hybrid environment. These two concepts have hindered adoption of virtualization security in 2011. Even so, there has been a steady shift through out the year as more and more companies talk about virtualization security. VMware has definitely lead the pack with its vShield Product line and its unified view of virtualization security. Other hypervisor vendors are also discussing virtualization security through their ecosystem if not directly. 2011 saw many companies forging their own partnerships to augment and compete in this space. Will these partnerships continue into 2012? Will virtualization security continue to be a hot area?
There have been a large number of Announcements that have been made for VMworld Copenhagen with respect to virtualization and cloud security. This shows quite an interesting growth in the market, and that even 1 month apart there is still more to be announced within the virtual and cloud security spaces. There are three very interesting announcements that show further integration between vendors.