Jason Landry
Senior Solutions Marketing Manager, Ixia
Blog

What the Apple vs. FBI case can teach us about fast-moving tech and virtualization

May 11, 2016 by Jason Landry

What’s your view on Apple’s recent clash with the FBI over iPhone security? Is Apple a champion of data privacy in an increasingly Orwellian world? Or is the FBI justified in trying to sidestep Apple’s privacy measures?

Whatever you think, one thing is certain – our laws and ethics around data privacy can’t keep up with the pace of change. Discussions around how much of our personal data should remain secret have tended to come after it has already been collected, stored, monitored by governments, or monetized by big firms.

The Apple vs. FBI clash is a classic example of technology moving faster than the courts. Apple’s encryption technology (locking the FBI out of criminals’ and suspects’ iPhones) has created a situation our justice system simply isn’t prepared for.

Playing catch-up with virtualization technology

Similarly, rapid growth in virtualization technology has left many unprepared for the unique security risks that come with it. Businesses are accelerating adoption. In fact, four out of five consider virtualization a strategic priority. And two-thirds are already running business critical applications on virtual servers. But virtualization tech is moving faster than peoples’ efforts to ensure it remains secure.

Don’t miss the blind spots

In 2015, Gartner estimates 75 percent of workloads were virtualized. This will only continue to grow. Virtualization involves VM to VM communication – much of which bypasses traditional, physical monitoring tools, creating huge security blind spots.

Since VM to VM traffic can form up to 75 percent of traffic in the data center, it’s crucial that these blind spots are eliminated. Those using only physical network monitoring may be checking as little as 20 percent of the true traffic in their data center. Few would be so brave as to take this high-risk approach, right?

The data show otherwise. As many as 63 percent of global businesses are not monitoring their virtual data centers. In other words, two-thirds of companies across the globe have glaring blind spots. Are you one of them?

What are the dangers that come with network blind spots?

  • Outages
  • Performance issues
  • Security threats
  • Compliance problems

But the risks run even deeper. We live in an age where personal data is extremely vulnerable to abuse by fraudsters. Companies are painfully aware of the need to be stringent concerning customer data security. Yet, personally identifiable information (PII) stored on virtual servers remains largely exposed to attack.

The huge Target hack of 2013, which left tens of millions of customers’ payment information open to misuse, shows the very real threat posed by hackers and malware. To shield themselves from financial and reputational damage, companies must be able to monitor both physical and virtual environments to spot anomalies.

Three steps to future-proof your security

To ensure your security measures keep pace with virtualization technology advances, consider taking the following steps:

One: Be proactive

Our research shows only a third are concerned about their inability to monitor virtual environments. And just 38 percent plan to increase their monitoring capabilities over the next two years.

This simply isn’t enough. The security risks associated with network blind spots are real – and they need to be acted on sooner rather than later.

Two: Get informed about virtual taps

Virtual taps are a great way to monitor virtualized environments. They give 100 percent visibility over inter-VM traffic – driving up security, compliance, and performance. But worryingly, 51 percent of business and IT professionals don’t know about them. Find out how virtual taps can help safeguard your business today.

Three: Adopt a strategy that suits your business

Be sure to develop a network monitoring strategy that fits your unique, virtualized environment. We recommend asking these questions as a starting point on the journey to robust virtual security and visibility:

• What application traffic do I need to see?
• How much of the traffic do I need to see?
• Will I adversely affect the application if I copy its traffic?

The verdict
The case between the FBI and Apple was settled when the FBI cracked the iPhone without Apple’s help. But, it also left many questions unanswered. The Case for Monitoring Virtualization Traffic infographic leaves no questions unanswered.