And while virtualisation is complex, there is little automation. This means that a lot of manual management and control activity is required, and staff need to have a certain level of proficiency to make appropriate decisions.
“There is increased potential for human error combined with less potential for auditing and tracking individual systems,” warns Lynch.
Even where attacks do bring VMs crashing to a halt, Page believes it is very easy to both isolate those threats and get systems back up again to minimise system downtime.
“With a virtual machine it is possible to have a replica of any one system back at base and backed up systems on servers that can be brought back up very quickly in the event of problems,” he says.
The nature and size of any security threat to virtualised systems will vary according to the level of segmentation within any one environment. But Lynch says it is important for IT security staff to at least acknowledge that virtual systems need to be treated in a different way, and that security measures applied to physical systems will not necessarily suffice.
“They need to start thinking about what they have to do to control VMs, consider how isolation aspects break down, and what policies they need to put in place to protect against potential threats," he reports.
"The last thing anybody wants to do is re-architect their security profile to accommodate virtualisation, and the security guys are only just waking up to realise that there are substantial differences between physical and virtual servers".
Lynch admits that issue has not flashed up on most IT leaders' radar yet, but says government and financial companies – who tend to be more security conscious – are those listening hardest. Nevertheless, IT leaders should be preparing their defences today, he warns.
.png&h=140&w=231&c=1&s=0)
.png&w=120&c=1&s=0)
EDUtech AU
.png&w=120&c=1&s=0)
Security Exhibition & Conference 2025
Integrate Expo 2025
Digital As Usual Cybersecurity Roadshow: Brisbane edition
iTnews Benchmark Security Awards 2025
.jpg&h=140&w=231&c=1&s=0)
.jpg&h=140&w=231&c=1&s=0)
