By Tim Ferguson
Thursday, April 05 2007 07:13 AM
URL: http://www.zdnetasia.com/news/security/0,39044215,62002897,00.htm

Companies have been warned not to rush into adopting virtualization technology as hurrying could leave them at risk of security threats.

If companies adopt virtualization too quickly, the best security practices could be overlooked according to analyst Gartner. In some cases the best security technology may not even be available yet.

Virtualization is the simultaneous running of several operating systems on a single desktop or server.

The technology is intended to reduce costs and increase agility but if security issues are not fully addressed Gartner says the opposite could happen.

The software layer used to make virtualization possible represents an additional system that can be attacked and compromised, potentially putting all systems at risk, according to the analyst.

Like any emerging technology, the analyst said virtualization will be the target of new security threats. It warned that simply applying the technologies and best practices for securing physical servers won't provide sufficient protections for virtual machines.

As a result, Gartner predicts 60 percent of virtual machines used in production environments will be less secure than their physical equivalents by 2009.

Neil MacDonald, Gartner vice president, said it may take several years for the tech to evolve sufficiently, while companies need to mature the appropriate staff skills and processes.

Gartner advised virtual machines should be secured before they are deployed, with security being a major consideration in the selection of software.

Tim Ferguson of Silicon.com reported from London.