Archived CEO Blogs

Odds are your IT environment is somehow engaged in virtualization — either directly in your data center or indirectly via the service providers you’ve engaged.

But how much have you — or your IT people — thought about virtualization security? This matters more than you may think. One Gartner analyst has estimated that 60% of virtualized servers will be less secure than the physical servers they’ve replaced.

Two kinds of security threats have emerged of late that need special attention, even if you’re running a small enterprise: Targeted zero-day attacks and advanced persistent threats .

Targeted zero-day attacks
Microsoft’s recent Internet Explorer security flaw (see my last blog post) is a fine example of a zero-day attack. The attackers got their edge from speed, since reactive countermeasures that depend on threat signatures — such as patching and tools like antivirus software and intrusion prevention — couldn’t be updated fast enough to halt the flaw.

Last September 18th, Germany’s Federal Office for Information Security warned that nation’s population not to use Internet Explorer because of an IE security flaw “is already being used for targeted attacks” designed to lure users to an infected website which, when visited, allows hackers to take control of the user’s computer. Soon after, the Swedish government issued a similar warning.

Even worse, Microsoft was not immediately able to fix the problem. First came a temporary patch, said to be less that complete.

When you find a Cloud services provider who’s able to precisely design and customize Cloud capabilities to address your organization’s unique needs, you can begin down the path to achieving the flexibility, scalability, cost reductions, efficiencies, redundancy , and disaster recovery protections you need. And you can do it without overspending on overcapacity.

In particular, a services provider who will customize your Cloud services can address your security concerns with an over-arching services contract and service-level agreement (SLA) that’s explicitly written for your business.

In addition to a no-charge DaaS proof-of-concept , there are a couple of other ways to get a real-world sense of how your organization can benefit from DaaS as well as Cloud computing in general: