I was reading a Reddit request for help regarding ransomware. The title was “Got hit BAD tonight.” That title describes the catastrophe simply and to the point. The ransomware in question attacked the hypervisor. Then, it proceeded to encrypt all backups and other systems connected to the hypervisor. This is the exact issue that virtualization and cloud security folks talk about daily with others. This is the ultimate in admin escape. This was not an escape-the-VM; this was an admin escape. The rule for accessing the hypervisor directly is DO NOT. The rule for using administrator credentials to do anything is DO NOT. Admin escape counts on those mistakes being made. Even so, there is a ton we can learn from this episode. I feel for the target, but it is time to quickly learn and implement better protections within your own environments. They are targets as well.
Security focuses on end-to-end security, integrity, auditability, and regulatory compliance for virtualization and clouds, the SDDC, and the secure hybrid cloud. Security starts where the cloud and virtual environments begin: the end user computing device.
As part of Security, we follow the user through the virtual and cloud stacks until they reach the application they wish to use for retrieving the data that is important to them. Virtualization and cloud security is implemented where there is an intersection between user, data, and application, while maintaining strict control of management interfaces. As such, we explore all aspects of security devices, tools, controls, and guides that impact or can be used to secure virtual and cloud environments.
A bane of having data is the need to know: the need to know where all your sensitive data resides, what that data is, who has accessed it, and how it was accessed. Managing the who, what, where, why, and how of data is a struggle that’s as old as time. Scale changes this struggle. We continue our scale discussion on the Virtualization and Cloud Security podcast by delving into data management. Paula Long, CEO and cofounder of DataGravity, joins us to discuss data management at scale. How do we answer these questions?
When we scale things up to handle ever-larger quantities of data, we also scale up the number of issues related to the increasing pace. We’re dealing with this with fewer tools and, quite frankly, less knowledge. We’ve seen changes in security (visit our latest podcasts on security and scale). We have seen changes in operations. We have also seen changes in development. Scale changes everything. But how so?
On the March 9, 2016, Virtualization and Cloud Security Podcast, we spoke with Sridhar Karnam, director of product marketing for Arctic Wolf, a Security Operations Center (SOC) as a Service provider. In our ongoing series on scale within IT security, a SOC is the next logical stop. The scale of data in today’s environments far exceeds people’s ability to view the data, make sense of it, and say there is a problem in a timely fashion. For this, we need automation, but we also need human intelligence!
In the last three virtualization and cloud security podcasts, Mike Foley, Sr Technical Marketing Architect for vSphere Security, mentioned security disaster recovery plans. There is a growing need for such plans. The 174th podcast covered this need, as well as the why and the how of putting such plans together. Unlike traditional disaster recovery, security disaster recovery is just what it sounds like, recovering from a disastrous security event. How would your organization respond to such an event? Is it about incident response? It is more than this. While you listen to the podcast, consider these thoughts.
As I’ve thought about how to implement high-performance, very large-scale networks within a secure hybrid cloud, I have come to the conclusion that the cloud works best with disaggregated network functions. This is the goal of network function virtualization, or NFV, but the real problem is knowing what functions to virtualize and how to do so at scale. Very large scale. We need to consider the multipaths our data will take and the rates at which data can pass through the various virtual components of our system that makes up the hybrid cloud. When we think hybrid cloud, we need to think scale out, not up. Scaling up can cost lots of money, while scaling out may save dollars. This means we need to rethink networking and security as well as protection. With containers on my mind, we have a path for our journey.