By Nick Molina, TierPoint IT Engineer
In the last few weeks, Kaspersky Lab generated a lot of attention from their study about the costs of a security breach, finding that it costs double to recover if virtual infrastructure is affected. You can read their report. Some of the resulting screaming headlines came across like an indictment of virtualization itself. It has moved me to chime in with a point that seems to be missing: It is largely not virtualization’s fault.
Yes, there are many factors that drive up breach recovery costs. One that has been overlooked in the Kaspersky report discussion is virtual machine (VM) sprawl. With VMs, it is easy to set them and forget them. They can live on even without patching or OS updates, whereas their physical counterparts more frequently tend to get decommissioned or upgraded over time. Malware loves these unpatched and neglected VMs because they provide an easier point of entry into your network and can lie in wait until they are ready to do the voodoo that they do.
Although a diligent IT team with some automation can limit sprawl, sprawl is a big problem that can substantially impact risks and recovery costs. When conducting an analysis like this, you cannot ignore people and processes as part of your evaluation. Continue reading