Virtual servers are a security black hole


Research published today by data governance software developer Varonis reveals that, when it comes to the virtualized environment, security awareness appears to be something of a black hole.

The study found that data security in these virtualized environments can all too often be totally neglected, and some 48% of IT organisations reported or suspected there had been unauthorised access to files kept on virtual servers. The findings suggest that when it comes to awareness of security matters regarding virtualized servers and the data stored upon them, the harsh truth of the matter is that there is very little. Indeed, the survey found that 70% of those questioned had 'little or no' auditing in place for example.

When you consider that Gartner reckons there are now in excess of 50 million Virtual Machines installed on servers, it should come as no surprise to discover that 87% of respondents to the Varonis study said their application servers were already virtualized. The reasons for this virtualization being mainly a combination of deployment speed (76%) and disaster recovery potential (74%). Yet file security appears to be neglected almost across the board.


Sure, nearly 60% did claim to be "very careful about setting permissions and controlling subsequent updates" there's no escaping from the fact that 70% had implemented little or no auditing regardless of the company size. A statistic made all the more surprising by the revelation that in enterprises of more than 5,000 employees some 20% admitted to having "no file logging capabilities in place" at all.

Yet, against this backdrop of security ignorance, 48% had either reported or suspected that unauthorized access to files on those virtualized servers had taken place, putting sensitive company information at risk. Even when it comes to those companies that do audit their virtualized environments, a rather large 68% thought there had been unauthorized access.

"We suspect that for IT departments, virtualization may be something of a black box. We have found that, after a workload is virtualized, the actual details of managing file permissions and monitoring access is considered to be automatically ‘taken care of’. It is also quite possible that the teams managing virtualization projects see file security and governance as outside their discipline. The security team may have no visibility of what is happening”, said David Gibson, VP of Strategy at Varonis.

About the Author

A freelance technology journalist for 30 years, I have been a Contributing Editor at PC Pro (one of the best selling computer magazines in the UK) for most of them. As well as currently contributing to, The Times and Sunday Times via Raconteur Special Reports, SC Magazine UK, Digital Health, IT Pro and Infosecurity Magazine, I am also something of a prolific author. My last book, Being Virtual: Who You Really are Online, which was published in 2008 as part of the Science Museum TechKnow Series by John Wiley & Sons. I am also the only three times winner (2006, 2008, 2010) of the BT Information Security Journalist of the Year title, and was humbled to be presented with the ‘Enigma Award’ for a ‘lifetime contribution to information security journalism’ in 2011 despite my life being far from over...

Member Avatar

Yet, against this backdrop of security ignorance, 48% had either reported or suspected that unauthorized access to files on those virtualized servers had taken place, putting sensitive company information at risk.

That's not good there's no firewall how can no one not install a firewall and a filter that will not let people access those files.

What a kind of business runs like that.

Member Avatar

Great article. I would add that incorrect file system permissions
provide a way to infect other domains as well in addition to the
hacked one.

Shared Hosting issues; hacked website allows access to all websites installed on the same server

We named this as one of the seven reasons for successful hacking research:

frellnet 0 Newbie Poster

I am not sure why people would view a virtualized server any differently than a physical server when it comes to security. It is still the same OS as it was when it was physical and should still be operated the same way. VMware, Citrix, KVM, or whatever hypervisor you are using does not automate the operation of the server itself. Normal sysadmin best practices still apply.

vibinpattuath 0 Newbie Poster

active directory uninstall command

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts learning and sharing knowledge.