Virtualization is a new development in computer technology whose effects are yet to be felt as its use still is new. Virtual machines have proved to have many advantages resulting to increase in the rate of growth in application, deployment implementation of virtualization in most organization. This attributed to the fact these organizations have ignored the risks associated with virtual machines as they usually are not obvious immediately and concentrated on their advantages with are associated with cost effectiveness.
The increase in electronic crime has also emerged with the increase in the implementation of virtual machines (Millar, 1999). Virtualization is a new development in technology whose risks and repercussions have not yet been experienced mostly because they do not occur immediately the virtual machines are installed to the host computer system. Organizations are depending more on the information and technology policies and guidelines that were pout in place to govern pre-virtualization hence are not controlling the data centre in virtualized environment.
The rapid increase in deployment of virtualization technology without much emphasis on control of the data centre is the main reason as to why the issue of virtual machine security is considered emerging. Virtual machines are system independent in that a specific application will operate the same way in virtual machine of its type regardless of the system’s software or hardware. For example a Java application will operate the same way in all Java virtual machines.
Since virtual machines operate in such a way that they are independent and separate from the operating system, there is possibility that if well managed it can not cause damage to other applications and files (Chao, 2006). Virtualization also provides isolation making it possible for a large number of individuals to use a single operating system without having to share database as each individual is able to create their own database in the systems memory.
Virtual machines also provide compatibility and mobility in the computer network because of the use of a single hypervisor which can be controlled from a single point. It also associated with saving energy as the processes are controlled from a single point and some versions are faster than the actual computer system hardware (Chao, 2006). Virtualization also makes live state capture and the replay of the captured states possible.
As search, virtual machines can be used to study software that is malicious hence prevent infection of the system’s software. Virtualized servers are a great improvement to traditional methods of security as they have the potential of enhancing security of data if management of the virtualized environment is maintained and control of the communications between the virtual machines contained. This is possible through use of appropriate system processes and ensuring that the configuration in the virtual machines is regularly updated.
Controlling the virtualized environment decreases the possibility of attack to the data centre enabling the organization to enjoy the rest of the advantages associated with virtual machines without having to worry about the security risks as they are contained. Virtual networks are not real and hence do not have the same capability as the actual systems. As such, they are not able to provide the level of functioning as may be required by the organization.
Virtual machines run separately from the operating system implying that they do not have the ability of benefiting from special applications that are present in the operating system such as configuration updates (Mann, 2007). In the event the configurations in the virtual machines are not updated and they get infected by computer viruses which affect the entire system causing damage to all files and data that is stored in the shared memory (Mann, 2007).
Virtual machine technology also creates opportunity for malicious attacks on information that is stored in the database. This creates danger to confidential and sensitive information as it is vulnerable to access by unauthorised individuals. Virtualization makes it possible for the attacker to access any virtual machine that is mounted on the host hardware through the guests. They are therefore able to access anything they want and do whatever they want to with the information.
They could alter, modify, destroy or even use it in an unauthorised way. Virtualization creates the risk of important information getting into the wrong hands. This violates the integrity, confidentiality and authorization recommendations that have been put forward in the X. 800. These recommendations require the providers and users of such systems to uphold the mentioned things which virtual machines are unfortunately not able to conform to.