Making Data Security The Foundation Of Your Virtualization Infrastructure



Similar documents
Learn the Essentials of Virtualization Security

Learn the essentials of virtualization security

ProtectV. Securing Sensitive Data in Virtual and Cloud Environments. Executive Summary

PCI DSS Virtualization Guidelines. Information Supplement: PCI Data Security Standard (PCI DSS) Version: 2.0 Date: June 2011

Whitepaper. What You Need to Know About Infrastructure as a Service (IaaS) Encryption

Securing Data in the Virtual Data Center and Cloud: Requirements for Effective Encryption

STREAM FRBC

PICO Compliance Audit - A Quick Guide to Virtualization

Virtualization and Cloud: Orchestration, Automation, and Security Gaps

Preparing an RFI for. This RFI has been updated to reflect the new requirements in Version 3.0 of the PCI DSS, which took effect January 2015.

Mitigating Information Security Risks of Virtualization Technologies

CS 356 Lecture 25 and 26 Operating System Security. Spring 2013

H Y T RUST: S OLUTION B RIEF. Solve the Nosy Neighbor Problem in Multi-Tenant Environments

VMware Security Briefing. Rob Randell, CISSP Senior Security Specialist SE

Security. Environments. Dave Shackleford. John Wiley &. Sons, Inc. s j}! '**»* t i j. l:i. in: i««;

Secure Multi Tenancy In the Cloud. Boris Strongin VP Engineering and Co-founder, Hytrust Inc.

Virtualization Security Checklist

PCI DSS 3.0 Compliance

managing the risks of virtualization

Cloud Computing Governance & Security. Security Risks in the Cloud

Compliance and Security Challenges with Remote Administration

PCI Compliance in a Virtualized World

Securing sensitive data at Rest ProtectFile, ProtectDb and ProtectV. Nadav Elkabets Presale Consultant

Solving the Online File-Sharing Problem Replacing Rogue Tools with the Right Tools

How To Protect Your Cloud From Attack

PCI COMPLIANCE ON AWS: HOW TREND MICRO CAN HELP

Enterprise Key Management: A Strategic Approach ENTERPRISE KEY MANAGEMENT A SRATEGIC APPROACH. White Paper February

Data Protection: From PKI to Virtualization & Cloud

Network Access Control in Virtual Environments. Technical Note

How To Protect Your Data From Being Damaged On Vsphere Vdp Vdpa Vdpo Vdprod (Vmware) Vsphera Vdpower Vdpl (Vmos) Vdper (Vmom

PCI COMPLIANCE ON AWS: HOW TREND MICRO CAN HELP

Tenable Webcast Summary Managing Vulnerabilities in Virtualized and Cloud-based Deployments

Meeting the Challenges of Virtualization Security

Scaling Analytics to Meet Real-Time Threats in Large Enterprises: A Deep Dive into LogRhythm s Security Analytics Platform

John Essner, CISO Office of Information Technology State of New Jersey

Automating Cloud Security Control and Compliance Enforcement for PCI DSS 3.0

Protecting Virtual Endpoints with McAfee Server Security Suite Essentials

How To Protect Your Virtual Infrastructure From Attack From A Cyber Threat

How to Achieve Operational Assurance in Your Private Cloud

05.0 Application Development

Getting the Most Out of Virtualization of Your Progress OpenEdge Environment. Libor Laubacher Principal Technical Support Engineer 8.10.

Alliance Key Manager Solution Brief

Overcoming Security Challenges to Virtualize Internet-facing Applications

Protecting Data at Rest with Vormetric Data Security Expert

SafeNet DataSecure vs. Native Oracle Encryption

Data-Centric Security vs. Database-Level Security

Virtualization and Cloud Computing

Securely Architecting the Internal Cloud. Rob Randell, CISSP Senior Security and Compliance Specialist VMware, Inc.

nwstor Storage Security Solution 1. Executive Summary 2. Need for Data Security 3. Solution: nwstor isav Storage Security Appliances 4.

Secure Administration of Virtualization - A Checklist ofVRATECH

Agentless Security for VMware Virtual Data Centers and Cloud

A Strategic Approach to Enterprise Key Management

Where every interaction matters.

CloudControl Support for PCI DSS 3.0

VMware vsphere Data Protection

Virtualization System Security

Securing the Cloud with IBM Security Systems. IBM Security Systems IBM Corporation IBM IBM Corporation Corporation

Best Practices for Breaking Down the Barriers to Centralized Virtual Server Backup and Recovery

Trend Micro Deep Security

The Top 8 Questions to ask about Virtualization in a PCI Environment

Vormetric Encryption Architecture Overview

Privileged. Account Management. Accounts Discovery, Password Protection & Management. Overview. Privileged. Accounts Discovery

Effective End-to-End Cloud Security

Installing and Administering VMware vsphere Update Manager

How To Achieve Pca Compliance With Redhat Enterprise Linux

PCI COMPLIANCE REQUIREMENTS COMPLIANCE CALENDAR

Virtualization Security and Best Practices. Rob Randell, CISSP Senior Security Specialist SE

Cedric Rajendran VMware, Inc. Security Hardening vsphere 5.5

Top virtualization security risks and how to prevent them

Security Compliance in a Virtual World

CIT 668: System Architecture

Cloud and Data Center Security

University of California, Riverside Computing and Communications. IS3 Local Campus Overview Departmental Planning Template

The True Story of Data-At-Rest Encryption & the Cloud

Unmasking Virtualization Security. Eric A. Hibbard, CISSP, CISA Hitachi Data Systems

Cloud Security Case Study Amazon Web Services. Ugo Piazzalunga Technical Manager, IT Security

Symantec NetBackup 7.1 What s New and Version Comparison Matrix

Total Cloud Protection

Applying Cryptography as a Service to Mobile Applications

Security & Cloud Services IAN KAYNE

Complying with PCI Data Security

Netzwerkvirtualisierung? Aber mit Sicherheit!

VMware vcloud Air Security TECHNICAL WHITE PAPER

Trend Micro. Secure virtual, cloud, physical, and hybrid environments easily and effectively INTRODUCTION

JOB ORIENTED VMWARE TRAINING INSTITUTE IN CHENNAI

Securing the Cloud - Using Encryption and Key Management to Solve Today's Cloud Security Challenges

Host Hardening. Presented by. Douglas Couch & Nathan Heck Security Analysts for ITaP 1

GE Measurement & Control. Cyber Security for NEI 08-09

Quick Start - Virtual Server idataagent (VMware)

STRATEGIC WHITE PAPER. Securing cloud environments with Nuage Networks VSP: Policy-based security automation and microsegmentation overview

vsphere 6.0 Advantages Over Hyper-V

Data Management Policies. Sage ERP Online

Secure Software Programming and Vulnerability Analysis

Transcription:

Making Data Security The Foundation Of Your Virtualization Infrastructure by Dave Shackleford hytrust.com Cloud Under Control P: P: 650.681.8100

Securing data has never been an easy task. Its challenges include properly classifying data according to value and risk, applying appropriate security policies in response to those risks, controlling enterprise-wide encryption, and managing myriad system and data-access controls. Now, with virtualization and a more dynamic infrastructure, enterprises have an even greater challenge in protecting their data. The good news is that your data can be well guarded in virtualized environments as long as your security teams understand the new ways that virtual machine (VM) elements and data can be exposed and the security technologies available to help solve those problems. This paper explores these topics. Virtualization Complexity and Risk In June 2011, the Payment Card Industry (PCI) Standards Council released a long-awaited information supplement to the latest Data Security Standard (DSS) titled PCI DSS Virtualization Guidelines. This document, collaboratively produced by a group of security and compliance professionals, provides guidance on how your security and compliance teams, particularly PCI assessors, should evaluate virtual infrastructure that falls within the scope of payment card compliance requirements. Two key sections of the document stand out one details virtualization risks, and the other addresses control recommendations. Both are generally relevant to the goal of data protection in virtual environments whether or not your servers have any requirement to meet PCI guidelines. Several of the risks include: Increased complexity of virtualized systems and networks: The addition of new technology layers, such as virtual networking and appliances and the hypervisor itself, creates potential misconfiguration issues. These, coupled with virtualization vulnerabilities, can lead to significant risk potential. Mixing VMs of different trust levels: The guidance implies that mixing different data classification levels on a single hypervisor could lead to data loss or exposure (which also logically applies to the storage of VM images). Lack of separation of duties: Lack of proper role definition and privilege assignment could lead to privileged access granted widely and for far more than just the virtualization management console. Page 1

Dormant VMs: VMs that are not active (dormant or no longer used) could still house sensitive data such as authentication credentials, encryption keys, or critical configuration information. Vulnerability of VM images and snapshots: if images aren t secured and protected from modification, an attacker may gain access and insert vulnerabilities or malicious code into the image. The compromised image could then be deployed throughout the environment, resulting in a rapid compromise of multiple hosts. Vulnerabilities in the physical environment apply in a virtual environment: Physical threats also apply to virtual implementations; the most securely configured, well-contained logical partitions will still need adequate physical controls for protection of the hardware. The PCI Council recommends the following control measures that apply specifically to data protection: Evaluate risks associated with virtual technologies: Assess all virtualization components and processes for risk just like any other technology. Restrict physical access: Ensure physical access to VMs and virtualization platforms is restricted and carefully monitored. Implement defense in depth: Security controls should be considered and potentially applied at all layers of technology implementation, including physical systems, hypervisor software, host OS, VM platforms, applications, and storage. Enforce least privilege and separation of duties. As a best practice, restrict administrative access by specific VM function, virtual network, hypervisor, hardware, application, and data store. Harden VMs and other components: Hardening and lockdown should include virtual network interfaces and storage areas, and the integrity of any cryptographic key-management operations should be verified. Earlier versions of the PCI standard addressed the need for encryption of credit card and other sensitive data. With virtualization, sensitive information can be exposed in new ways even if encryption is deployed within the VM. The release of the new PCI Council guidelines demonstrates how critical and widespread virtualization has become and how important it is to evaluate data security risks in these environments to meet both security best practices and compliance mandates. Page 2

The flexibility and mobility benefits of virtualization bring a greater need to expand your thinking about data protection to extend protections throughout the data lifecycle. The Data Lifecycle Securing devices where a VM resides for the moment is not enough. It is important to look at the complete life-cycle of the VM and its data and secure that data wherever it goes: in the private data center, in backups, on remote systems, and increasingly, as VMs are moved into the public cloud. The first key to developing a sound data protection plan is to understand the data lifecycle. Figure 1 shows a widely used model developed by KPMG. Compliance Figure 1. The Data Lifecycle Phase 1 Phase 2 Phase 3 Phase 4 Phase 5 Phase 6 Phase 7 Gerneration Use Transfer Transformation Storage Archival Destruction The first four phases, from generation through transformation, rely on security through proper data classification and application-specific controls. However, in a virtual environment, there are a number of access control and administration tasks that should be in place to create the framework for an enhanced data protection focus. Page 3

VM Storage Security The fifth phase of the data lifecycle is storage. For VMs, quite a few types of files need to be protected to adequately protect sensitive data. Figure 2 shows an example of these files (for VMware). Virtual Disk (Data) Virtual Disk (Data) Data Virtual Disk (Data) Virtual Disk (Data) Virtual Disk (Guest OS) Virtual Disk (Apps.) Executables Suspend File Config. Files Virtual Machine state & environment Snapshot File Paging File Log Files VM Meta Data VM memory image Critical VM configuration Forensics information There are many files associated with a single VM, from the virtual disk files (.vmdk) to the main configuration file (.vmx). The VMDK disk files are a primary location for sensitive data to be stored, so all VMDK files should be protected and monitored for illicit access or theft. In addition, there are a number of other file types that could potentially store sensitive data, and should be protected as well: VSWP: The VSWP file is your VM s swap or paging file. Each VM running on a hypervisor server gets its own swap file, which is created when the VM is powered on. The purpose of the swap file is to store memory pages when the VM s designated RAM is overcommitted. VMSS: VMSS files store memory data about a VM that has been temporarily suspended. Page 4

VMSN and VMSD: VMs can have data snapshots taken from which they can be restored later. The VMSN and VMSD files contain metadata about the VM and will be created once snapshots are taken. *-delta.vmdk: The DELTA file contains all changes to the VM disk once a snapshot is taken. This file will disappear once a snapshot is actually applied. Securing the data at rest also involves preventing physical theft of the VM files. The theft of a virtualized server no longer requires an attacker s physical presence. Gaining access to file shares, storage devices, or even administrator workstations can lead to theft of whole VMs. For this reason, security teams must be extremely diligent about monitoring activity around virtual infrastructure, including remote access and the use of USB-based storage devices. Sensitive data can be exposed in new ways in a virtualized world. As VMs become more mobile, the VM leaves an information footprint wherever it runs. Another critical data type to consider for VMs is the set of template files that represents master deployment images in your virtual environment. For organizations running VMware vsphere, these templates can consist of two specific files: VMTX: VM configuration templates (correspond to VMX files) VMTD: The VM disk configuration templates (correspond to VMDK files, older format for VM ware that may not be in use on newer platforms) Wherever these template files are stored, employ file integrity monitoring and logging to ensure that unauthorized tampering does not occur. If an attacker or malicious insider compromises the template file, unwanted changes could be replicated across a wide number of systems, causing unusual behavior, data exposure, or even denial-of-service conditions. Page 5

Archival and Destruction: Backup and VM Decommissioning There is a good chance that sensitive data could be present in VM disk or memory-related files, and some of these may be left behind inadvertently if you don t take proper precautions. Data archival and destruction are the last stages of the data lifecycle. For virtual environments, archival means backing up entire VMs and data accessed and stored for use in virtual environments; destruction could mean decommissioning VMs and their associated data. How can VMs stored in their entirety on backup tapes or other media be safely stored? The backup media must be encrypted. VM Data Protection with Encryption The right encryption solution can serve as the foundation for securing VMs and data. The solution should encrypt and protect data on behalf of the VM, and it should also encrypt and protect the VM image on behalf of the hypervisor. Implementing and managing an encryption solution can be unwieldy and difficult, and ongoing mainte nance requires manual processes or complex architecture changes. Ideally, encryption tools would encapsulate the entire VM, including all memory and swap files, snapshot files, and any files that contain sensitive data. Alternately, encrypting specific areas of the VM known to contain sensitive data may be more efficient. In addition to strong algorithms, an encryption solution needs to offer key management and rotation capabilities, and should be as easy to deploy and maintain as possible. Use encryption for VMs at rest and when generating secure VM backup images. Page 6

VM Data Access Control and Monitoring When it comes to crypto key management, the first security principle to enact for virtualized infrastructure is the separation of administrative duties. In many organizations, existing Windows or other systems administrators manage virtualization. Although this may be convenient, there are numerous aspects of proper management and administration of a virtualization environment that should be the responsibility of specific administration teams. Most virtualization platforms allow for reasonably granular role creation and privilege allocation. For example, Figure 3 shows the default VMware vsphere roles available in the vcenter management platform. Many administration teams use the built-in Administrator role and assign most users to roles that allow access to VMs for specific use cases. Many privileges can be assigned, including explicit access to defined data stores, which can help to control data leakage or unauthorized access to data that is stored in VMs. Figure 4 shows some example privileges in vcenter. Page 7

Ensuring that user roles and data access privileges are appropriate for the organization is critical. Unfortunately, native virtualization platforms do not facilitate this, and the creation of proper roles might take significant effort. Access to VMs should be carefully controlled through the assignment of roles and privileges for access and interaction and monitoring and auditing the storage infrastructure where VMs are located. How you control and monitor will depend on the type of storage you have and the monitoring capabilities of tools like log management and Security Information and Event Management (SIEM) platforms. Paying attention to the following types of user activities is prudent: Which users are accessing VM files? Where are the users located? What type of access is employed (vcenter or other management console access to remote fileshare access using domain credentials)? When the VM access and/or VM-related actions took place? Page 8

Conclusion Proper data protection capabilities are vital to a virtual infrastructure hosting sensitive data of any kind, especially if VMs are widely deployed or moving to hybrid and public cloud environments. The recognition of the need for virtualization security through industry and government regulations and from the information security community in general means that security at each stage of the data lifecycle will need to be addressed by solutions that have traditionally been implemented only in physical data center environments. To adequately protect data in VMs throughout their data lifecycle, separation of duties and role-based management are essential, and the existing virtualization vendors do not make it simple or granular to create and assign roles to different groups of users and IT teams. In addition, strong encryption is needed to encrypt full or partial VMs at rest, in backups, and in motion, and simple assignment of policy and key management will speed adoption of this fundamental security control. About the Author Dave Shackleford is currently the Senior VP, Research and CTO at IANS. Previously he was the Founder and Principal Consultant at Voodoo Security; Director, Risk & Compliance and Director, Security Assessments at Sword & Shield Enterprise Security, Inc.; Chief Security Strategist, EMC Ionix at EMC; and Chief Security Officer at Configuresoft; He is a SANS Instructor and teaches virtualization and cloud security to hundreds of companies every year. Page 9

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information