Virtualization a security “time bomb”

Security expert and ethical hacker Jason Hart has labelled virtualization in business a “time bomb” that is waiting to be exposed by cyber-criminals.

Hart, who is VP of Cloud Solutions at data protection firm SafeNet, was speaking at an Infosecurity Europe press conference in London, and argued that the adoption of virtualized systems continues to outpace our understanding of its security risks.

The advancement of technology in the workplace over the past 15 years and the ability we have to store information in numerous non-physical areas has seen us lose track of how we look after our data, Hart says.

The traditional security principles established by IT administrators when challenges related to physical devices – such as data encryption on laptops – have been forgotten in the virtualized world, he stated, claiming that “we’ve moved the physical problem onto a virtual problem.”

Hart added that the advent of BYOD has exacerbated the issue, with the multiple devices used by individual employees serving to further scatter important data via the use of cloud services and similar technologies. This liberal handling and wide distribution of sensitive information has left organisations vulnerable and created “very juicy attack vectos,” Hart said.

According to the SafeNet researcher, the key to staying secure in a virtualized environment is accepting that your system will be breached and focusing on protecting the most important data within a network, through various encryption tools. Thus, even if a hacker breaches the security perimeter, the key information remains safe.

ITProPortal will be attending the Infosecurity 2013 conference at Earls Court in April, where the latest developments, dangers and trends in security will be dissected by the industry's elite.