Gartner on cloud security: 'Our nightmare scenario is here now'
Gartner analyst Neil MacDonald also minced no words in describing the implications for security in the virtualization and cloud-computing revolution.
"We're at a critical point," MacDonald said. Adoption of consumer technologies and the transformation of the technical infrastructure in the enterprise means that there's "frustration of the business units with us," MacDonald said.
With virtualization, the key concept of "locking down a physical device" is disappearing in favor of virtual machine-oriented security, such as virtual security appliances as software instead of physical appliances, he said. In addition, the enabling of quick deployment of virtualized applications and databases to facilitate business partnerships will need to be done, though "security becomes very difficult in this environment."
Cloud computing and virtualization "break one of the foundational principles of security architecture: Us and them," MacDonald said.
Known technologies such as signature-based antivirus are now insufficient, increasingly useless and he added, way overpriced. Antivirus must be buttressed with whitelisting to control application use, and the newer software-based virtual appliances for security have to be examined for use in a virtual-machine environment.