Operating Systems

Taking the Secure Migration Path to IT Virtualization

2 Pages

• Improved flexibility and remote access: As the mobile workforce grows, more employees are remotely accessing information from the data center. By adopting virtual environments, IT managers can monitor and maintain only a few central data locations as opposed to dozens, helping them efficiently manage multi-user access and ensure better security.

• Simplified computing model: Instead of increasing the infrastructure’s capacity by adding workstations, servers or memory capacity, IT managers can configure a flexible, centralized environment through virtualization. Consolidating servers ultimately enables an organization to significantly simplify administrative tasks and costs and align its business goals with its IT processes.

Aligning Security and Virtualization Requirements

While virtualization can be broadly beneficial, IT security must remain a priority. Since the mainframe has traditionally been the keeper of the most sensitive corporate data assets, and because it continues to play a pivotal role in enterprise computing today, it’s essential for the enterprises transitioning to a virtual environment to protect and sustain mainframe-resident financial, operational, and customer data.

It’s challenging to align business requirements, IT virtualization, and IT security. Using industry approved security protocols will alleviate some technical pains and help IT managers quickly accomplish business goals. To ensure a seamless transition to virtual environments, IT managers must remember these security commandments:

• End-to-end communications security: It’s just as important to encrypt data in transit in a virtual environment as it is in a “traditional” environment. Securing files and data transmissions from the server to all workstations, and from the workstations back to the server, provides significantly better security for all enterprise data.

• User authentication: With increased remote access to enterprise information held in the data center, it’s critical to ensure this data remains where it belongs and that only appropriate users can easily access it. When organizations implement desktop virtualization, they must take the proper steps to authenticate the host and client machines, in addition to authenticating the user through ID, password, or other means. This will prevent access from non-secure locations and make it more difficult for unauthorized users to take advantage of stolen IDs and passwords. It also enables easier tracking if an unauthorized entry occurs.

• Logging capabilities: Most mainframe systems and applications have extensive logging features. However, if an existing mainframe system lacks logging capabilities, it’s imperative for the IT manager to obtain this before transitioning into a virtual computing system. It’s essential to meticulously record information regarding who accessed data and when. By acquiring adequate logging procedures or modifying existing applications, IT managers can ensure data is correctly maintained and organized on the mainframe if an audit should occur.

• Central management: Since many administrative tasks, such as provisioning, auditing and maintenance, can be mundane and time-consuming, setting up automated capabilities will relieve IT managers of the overwhelming burden that comes with trying to manually handle these tasks. Incorporating technologies that let IT managers establish and maintain an enterprisewide security solution from one central location will simplify their tasks and help them identify security violations faster. In addition, centralized management provides scalability for large networks, reduces ongoing operating costs, and facilitates regulatory compliance.

• Continued compliancy: Organizations making the transition to a virtual environment must still comply with government regulations pertaining to data security. Existing and emerging privacy, security, auditing, and risk management regulations and standards, such as the Sarbanes-Oxley Act (SOX), the Payment Card Industry Data Security Standard (PCI DSS), and the Federal Information Security Management Act (FISMA), are designed to help enterprises protect their data from more frequent, highly developed security threats or attacks, no matter what type of computing environment or platform they use.

Look Before Leaping

For efficiency-minded organizations, IT virtualization is an increasingly viable solution. It can deliver dramatic improvements, including a simplified computing model, reduced energy consumption, increased flexibility, and lower IT costs. However, migrating to a virtualized data center can be a complicated, time-consuming process, particularly for heterogeneous enterprise IT environments with mainframe and client/server systems running scores of complex applications. The virtualized environment, like other system architectures, faces a host of new security threats. Before pursuing virtualization, every enterprise must take time to outline a parallel data security migration path.

The last thing any IT manager can afford is to be caught off-guard. During the transition to a virtualized computing environment, they should carefully weigh the benefits and impending security threats before committing to IT virtualization. Without ensuring that company, client and customer data will be secured at all times in their new virtualized IT model, enterprises are setting themselves up for a potentially catastrophic breach.

2 Pages