There’s no question that advances in server virtualization technology are becoming popular among corporations that want to save money by consolidating resources and improving operational efficiency. Virtualization enables a dramatic increase in cost savings in ongoing maintenance and the cost required to keep physical assets afloat. These benefits are often seen by CIOs and other information technology leaders as adding tremendous value to an existing robust IT infrastructure. Who wouldn’t want to save money by reducing the size and extent of their data center, especially in the manufacturing and financial services industries?

However, I’ve noticed an increasing phenomenon: security often takes a backseat when it comes to consolidating servers, applications, or other resources to a virtualized platform.

In a traditional sense, server administrators have been taught the basics of “Security 101,” i.e., to run the standard checks and balances to ensure that no unnecessary services, protocols, or security vulnerabilities exist that may put the system at risk of exposure. Some people may go so far as to run a thorough vulnerability assessment on both the host and virtual system before putting them into a live production environment; an activity that is absolutely necessary to ensure that your basics are covered.

But vulnerability assessments do nothing to reveal existing breaches. This is especially true when we take into consideration that cyber crime is at its highest since the shift from fame to profit occurred around a year and a half ao.

It’s unlikely that people ask themselves, “Is the host system infected with a hidden Trojan I don’t know about?” while they’re undergoing a migration. According to statistics from PandaLabs, there are over 4,000 new and unique malware samples released into the wild every day and a large percentage of these samples are related to cyber crime.

• Virtualization Security - Part 2