Skip navigation
Keeping Virtual Environments Secure: Guarding Against Security Holes

Keeping Virtual Environments Secure: Guarding Against Security Holes

Virtual machines are designed to provide strong security, but you also have to make sure to keep them from threatening each other. 

One of the reasons the IT industry has adopted Virtual Desktop Infrastructure is on account of the increased security it can bring to an IT operation. With VDI, for example, sensitive corporate data is kept in a secure, central location, rather than being spread out among perhaps thousands of desktops and mobile devices throughout an organization.

But being software, virtualization technology is itself not without risks. The biggest concern is when one virtual machine running in a server somehow manages to break out of its "sandbox" and begin accessing the contents of other VMs running on the same computer.

A new report says that, fortunately, these security lapses are rare. And more importantly, they can be guarded against by following a few simple rules.

The most obvious one: Keep your hypervisor software updated, installing vendor patches as soon as they are released. A security hole in a hypervisor is a serious matter, as it could potentially affect every machine in the system.

Similarly, the software associated with individual virtual machines needs to be kept up-to-date as well, with the most recent patch installed as soon as it is released. And current versions of malware detection programs should be run on a regular basis.

One VDI security rule may not be obvious to newcomers to the field: Only install software on a virtual machine that you are absolutely positive you need. One of the VDI security breaches of the last few months occurred when hackers wrote code that pretended to be the CD-ROM or floppy disk of a virtual machine. The VMs didn't need either of those devices, and if they hadn't been configured into the system upon setup, there would have been no security hole to exploit.

As the report puts it, "The more software you have running, the more vulnerabilities you are exposed to."

Bring the Power of VDI to Your Enterprise: HP and NVIDIA have partnered to enable a more productive mobile workforce through Virtual Desktop Infrastructure. In the past, jerky video or "click-and-wait" design files sometimes led to frustrated users and conclusions that VDI wasn’t yet ready for prime time. But with virtualized GPUs, now it is. Learn how the combination of HP ConvergedSystem graphics server blades and NVIDIA GRID virtual graphics technology can provide the richest visual experience at the right cost, for even the most demanding applications:

Related Articles: 

Hide comments


  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.