Virtual environments have created an efficiency and consolidation of resources that were only dreamed about years ago. Undoubtedly industry is trending towards more virtual environments vs. physical environments. But are the security procedures up to this new task? Our experience has taught us that while there are inherent advantages to managing security in virtual environments (central audit logs, etc.), we have also discovered that the same diligent daily security management sits at the heart of security. Actively mining for un-secure and antiquated applications, is one of the most important tasks towards limiting system vulnerability. Monitoring has to be done actively, continuously, and across the full system.
Virtual environments offer tremendous savings through reduced hardware purchases, decreases in needed space and electricity, and fewer required IT administrative staff, to name only a few. However, security needs to be managed even more diligently than ever.