If you read the tech headlines (or talk to the average computer user) it's easy to conclude that "viruses" remain the biggest security threat in the channel. But survey results released today by BeyondTrust suggest instead that, in the age of virtualization, even seasoned server administrators are overlooking the biggest gaps in their security strategies. That finding, along with a host of others, sheds new light on the security situation of the channel, and what enterprises need to do to make it better.
Like all surveys conducted by organizations that can hardly feign disinterest in the results, the findings of the one BeyondTrust announced today, titled Virtual Insecurity, is not without its imperfections. It is based on voluntary responses, and skews toward organizations with heavy investment in virtualization technology. Still, with responses from 448 system administrators collected over the last month, the research presents an enlightening window into security practices and mistakes among IT professionals today.
Among the most remarkable and potentially worrisome findings (not to mention one that plays well for BeyondTrust's product strategy) concerns the security tools administrators use. Although 59% of respondents said they deploy security tools "regularly" for virtual systems, the most popular of the types of tools they indicated using are antivirus programs. Other resources, such as security scanners and identity management tools, take a clear back seat to more traditional antivirus software.
Antivirus alone is a poor security solution for enterprise servers. It certainly combats some threats, but it is ill-suited to address many of the dangers that can be particularly potent in environments that rely heavily on virtualization. These include the risks that arise when administrators use templates for launching new virtual machines, a frequent practice among survey respondents that can lead to hosts running out-of-date or misconfigured software and, in turn, security vulnerabilities.
Other portions of the survey yielded more encouraging results for those concerned with channel security. Most administrators reported keeping their hypervisors regularly patched, for instance. A majority also include virtual resources within regulatory compliance audits, a good impetus for taking virtualization security seriously.
Nonetheless, the need for stronger virtualization solutions that go beyond simple antivirus scanning highlights an area ripe for continued growth within the channel. BeyondTrust itself is already capitalizing on it, having also announced today a plugin for VMware vCenter, called Retina Network Security Scanner, that is designed to enhance security within certain virtualization environments. But that addresses only a small slice of the pie, and plenty more opportunities exist for developing better security practices and tools in the virtualization age -- the first of which, perhaps, is moving beyond the mentality that those "viruses" we've all been raised to fear are the sole source of nastiness.