Aug 18, 2011

Is virtualization risky?


A former IT staffer pleaded guilty to using a secret vSphere console to wipe out 15 VMware hosts running 

multiple servers each.


Doesn't this prove that virtualization carries greater inherent risks than had the techie been forced to log in to 100 servers individually, rather than only 15 host servers?


I agree with jlister. It seems to me that the incident you mentioned was not necessarily due to virtualization. I think it happened because of poor security practices by that particular company.

There are too many advantages to virtualization to let an isolated example like that determine a company's policy.

VMWare has an interesting page up that covers some of the advantages of virtualization:

Virtualize Your IT Infrastructure

The problem wasn't that virtualization was inherently risky; it was that this criminal needed to have more oversight at work, and when he left, all the passwords should have been replaced so he couldn't login to any server, physical or virtual. As for the secret vSphere console, there should be some kind of mechanism for network admins to track the installation of the vSphere console anywhere on their domain.


I'm glad they caught the guy. He sounds like a real jerk.

Answer this