12:00 PM
Joe Hernick
Joe Hernick
Connect Directly

Analytics Summary: VMware Security

As IT groups spawn new virtual machines at a breakneck pace, security is too often an afterthought. Can VMware's dominance of the enterprise server virtualization market buy us some breathing room?

Our survey on the state of VMware security revealed some startling facts: Just four in 10 consider hyperjacking a realistic threat, and nearly half take a laissez-faire approach to virtual machine provisioning and management. Some even let business units deploy VMs with no oversight, perhaps because 20% assert that VMs are safer than physical servers.

The reality, and a concept that many IT and business managers fail to grasp, is that a virtual server is still a server. A production VM--and its host--must be held to the same level of rigor as a comparable physical production server, with identical change management policies for approval, deployment, patching, and other processes.

InformationWeek Reports

For now, accepted best practices are at least as important as VM-specific toolsets. Still, hypervisors must have security baked in from the beginning. Armies of attackers are no doubt working feverishly for the bragging rights that will come with being among the first to hyperjack--that is, to gain control over--a high-value physical server that hosts VMs.

So are industry-leading virtualization vendors doing enough to keep us safe? For example, will VMware's VMsafe program, which provides APIs with hooks into the ESX hypervisor, pay off for IT, or even help keep Microsoft's Hyper-V at bay?

Maybe, on both counts. Every security vendor we interviewed for our VMware Security Analytics Report, is focusing on product development for VMware. And every security vendor we interviewed for this report also has plans for Hyper-V or Xen product development. Making like Switzerland between VMware and Microsoft is a rational move, a reality backed up by our survey of 423 business technology professionals. VMware is still the dominant player in server virtualization, with 56% of installations, most of them Infrastructure 3/ESX. But our poll reflects the growing influence of Microsoft: 24% of respondents listed either Hyper-V or Virtual Server 2005 as their primary server virtualization platform.

This is far from typical estimates of 70% to 80% VMware ownership of the server virtualization landscape. An outlier? Perhaps. We expected Hyper-V to make a mark, but we must admit to being surprised by these results.

1 of 3
Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
Google in the Enterprise Survey
Google in the Enterprise Survey
There's no doubt Google has made headway into businesses: Just 28 percent discourage or ban use of its productivity ­products, and 69 percent cite Google Apps' good or excellent ­mobility. But progress could still stall: 59 percent of nonusers ­distrust the security of Google's cloud. Its data privacy is an open question, and 37 percent worry about integration.
Register for InformationWeek Newsletters
White Papers
Current Issue
Top IT Trends to Watch in Financial Services
IT pros at banks, investment houses, insurance companies, and other financial services organizations are focused on a range of issues, from peer-to-peer lending to cybersecurity to performance, agility, and compliance. It all matters.
Twitter Feed
InformationWeek Radio
Archived InformationWeek Radio
Join us for a roundup of the top stories on for the week of July 24, 2016. We'll be talking with the editors and correspondents who brought you the top stories of the week to get the "story behind the story."
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.