Damning report shows UK firms failing to deal with security in virtualised systems

Are organisations securing their IT infrastructure from the threats posed in virtualised environments? A new report from Trend Micro suggests not.

In a survey of 100 IT decision makers from UK companies with over 1,000 employees, the security firm found that over 85 per cent of organisations are gambling on using the same security systems for virtualised networks as they use for physical systems.

The intangible and evolving nature of virtualised environments means more flexible and modern defences need to be implemented on top of traditional measures that protect physical networks, and indeed, almost half (48 per cent) of respondents believed added security was needed to deal with the different risks associated with virtualisation.

Yet the challenges appear to be getting the better of UK organisations at present. A huge 92 per cent of those surveyed said they were struggling to keep their systems secure since the arrival of technologies like virtualisation, with only 11 per cent suggesting their security policies were completely up-to-date.

This failure to effectively address new threats has contributed to two thirds experiencing a security breach in recent months, according to the report. Adding to the worrying picture is the finding that only 52 per cent of respondents actually discovered the breaches via security monitoring tools within their company, as many only found out when systems went down and it was too late.

Following the survey, Trend Micro has warned that security must be tackled as a priority as soon as technologies like virtualisation are integrated to an organisation’s IT infrastructure.

“Virtualisation security is still being viewed as an afterthought as businesses ‘make do’ with the same security policies, process and tools they would use in a physical environment. This approach is leaving organisations open to the risk of cyber-attack as they fail to realise that a new security mind-set is required,” said Michael Darlington, Technical Director at Trend Micro.

“In a dynamic virtual network, security should be built in from the outset instead of being treated as a bolt-on. IT transformation is at its most impactful when security and virtualisation experts work together to create a solution that reduces cost and improves productivity whilst managing risk.”

Trend Micro’s research echoes the fears of other industry experts, who have described virtualisation as a security time bomb.

But harnessed correctly, virtualised systems can certainly benefit an organisation, as explained in our guide to service virtualisation - including what it is, and how it can help.