60% of virtual servers are less secure than their physical counterparts

It's all the rage at the moment: drop your cumbersome, expensive and high-maintenance physical servers and get some virtual servers! Basically, instead of managing an entire physical server -- hard disk, processors, power, etc. -- you can now buy a share of a large server. They're called VPS or VDS -- virtual private/dedicated servers -- and it turns out the majority of these new servers are not very secure.

The report by Gartner (which costs $95) highlights the usual, inherent risks of moving to a new platform. VPSes, due to the new and immature software used to split a server's resources, can be insecure. It's not such a huge problem now, with only 18% of enterprise processing occurring on virtual servers, but by 2012 that will climb to over 50%. Right now, with the sheer number of unsecured physical dedicated servers, hackers are unlikely to target VPSes... but that will change!

Gartner suggests that organizations do their homework before switching to virtualized server resources -- and specifically they need to know the 'hypervisor' backwards and forwards. The hypervisor's job is to effectively split the physical server into discrete portions -- but as you can imagine, if the hypervisor is compromised, every user's data then becomes available. Such security concerns also pertain to cloud computing, though you have to assume that providers like Amazon know what they are doing.

This is just a teething issue, and I'm sure network and system administrators will get on top of things sooner rather than later.

[via Network World]

Tags: gartner, report, security, vds, virtual server, virtualization, VirtualServer, vps