Yesterday we gave a presentation on virtualization at the Wall Street Technology Association (WSTA). Several major banks from the New York area were present at this forum (Bank of New York Mellon, CitiGroup, Merril Lynch, Morgan Stanley, Depository Trust and many more).
The forum really addressed the emergence of virtualization within the financial community and how security is much different in a virtualized world then it’s physical counterpart.
The forum began with a panel discussion that was focused around a case study of DTCC and Citi and their successes and challenges while moving to a virtualized server infrastructure.
The overall security trends / issues that were discussed:
- Operating System and data isolation for machines connected on the same hypervisor
- Challenges of application isolation
- Keeping up with patching cycles
- Preventing VM escape
Overall the event addressed some really good points regarding server virtualization that I think that every corporation should embrace. From our perspective we talked about taking a holistic approach to end-point security when securing a virtual asset.
My presentation talked about the current and perceived threats to server virtualization. You can find a copy here.
