Virtualization increases the complexity of IT infrastructure, making it even more challenging to secure networks. We spoke with Torsten Mutayi, Principal Consultant and Trainer at Söldner Consult GmbH, about the challenges administrators face.
To what extent does the security of virtualization platforms depend on the company’s infrastructure?
Many vulnerabilities are, in fact, more social than technical. Typical examples include smartcards used for authentication that are left in the card reader during lunch breaks for convenience or passwords that are willingly shared with any caller claiming to be an administrator.
Another significant risk is the “USB” vulnerability: If any USB-based keyboard or mouse is allowed, for example, a gifted designer mouse accompanied by a forged supplier letter could execute arbitrary keyboard or mouse operations when connected to a USB port. Therefore, virtualization security cannot be considered in isolation.
What specific security challenges exist in or arise from virtualization?
For example, live migration? For the full interview, visit the IT-Administrator archive.
