As IT groups spawn new virtual machines at a breakneck pace, security is too often an afterthought. Can VMware's dominance of the enterprise server virtualization market buy us some breathing room?
Our survey on the state of VMware security revealed some startling facts: Just four in 10 consider hyperjacking a realistic threat, and nearly half take a laissez-faire approach to virtual machine provisioning and management. Some even let business units deploy VMs with no oversight, perhaps because 20% assert that VMs are safer than physical servers.
The reality, and a concept that many IT and business managers fail to grasp, is that a virtual server is still a server. A production VM--and its host--must be held to the same level of rigor as a comparable physical production server, with identical change management policies for approval, deployment, patching, and other processes.
For now, accepted best practices are at least as important as VM-specific toolsets. Still, hypervisors must have security baked in from the beginning. Armies of attackers are no doubt working feverishly for the bragging rights that will come with being among the first to hyperjack--that is, to gain control over--a high-value physical server that hosts VMs.
So are industry-leading virtualization vendors doing enough to keep us safe? For example, will VMware's VMsafe program, which provides APIs with hooks into the ESX hypervisor, pay off for IT, or even help keep Microsoft's Hyper-V at bay?
Maybe, on both counts. Every security vendor we interviewed for our VMware Security Analytics Report, is focusing on product development for VMware. And every security vendor we interviewed for this report also has plans for Hyper-V or Xen product development. Making like Switzerland between VMware and Microsoft is a rational move, a reality backed up by our survey of 423 business technology professionals. VMware is still the dominant player in server virtualization, with 56% of installations, most of them Infrastructure 3/ESX. But our poll reflects the growing influence of Microsoft: 24% of respondents listed either Hyper-V or Virtual Server 2005 as their primary server virtualization platform.
This is far from typical estimates of 70% to 80% VMware ownership of the server virtualization landscape. An outlier? Perhaps. We expected Hyper-V to make a mark, but we must admit to being surprised by these results.
Google in the Enterprise SurveyThere's no doubt Google has made headway into businesses: Just 28 percent discourage or ban use of its productivity products, and 69 percent cite Google Apps' good or excellent mobility. But progress could still stall: 59 percent of nonusers distrust the security of Google's cloud. Its data privacy is an open question, and 37 percent worry about integration.
CIOs Get Smart About BIIT’s tried for years to simplify business intelligence efforts. Have visual analysis tools and Hadoop and NoSQL databases helped? Respondents to our 2014 InformationWeek Analytics, Business Intelligence, and Information Management Survey have a mixed outlook.
Join us for a roundup of the top stories on InformationWeek.com for the week of December 7, 2014. Be here for the show and for the incredible Friday Afternoon Conversation that runs beside the program!