Wake up to virtualisation

So we have cloud computing and virtualisation - both a result of aggressive cost cutting exercises (although in the short term virtualisation can be costly to set up). Since organisations have been tighting the purse strings, these two "technologies" have become more apparent. Cloud services offer obvious advantages; cut costs, increase scalability and ultimately - pay only for services you use. Obviously cost cutting is a big part virtualisation (reduce size of data centres and hence pay low land costs and maintainance cost etc) but it does propose a new set of risks to the organisations.

Running various projects of different servers is easy to control and track etc, but when running multipe projects (or machines) within a single server (so machines are now virtual machienes) is going to be much harder to control. Firstly, running on seperate physical servers means there is a physical protection between machines, but with virtual machienes there is no seperation - well this is an exageration, the control do exists but they are weak.

So what do companies who are looking into virtualisation actually understand about the security around it? As with everything, the risks have to be assessed and strong controls need to be put in place (starting point would be 2 factor authentication). Anyway, here is a good article on virtualisation security: Wake up to virtualisation security risks, experts say.