Enterprise Architecture Practitioners Conference The Open Group
You are here:  Home > Events > 3rd Security Practitioners Conference, Toronto 2009
Introduction
Program
Other Open Sessions
Propose a Presentation
Member Meetings
Dinner Event
Registration
Fees
Venue & Transport
Exhibit / Sponsor
Contact
Future Events
Past Events



The Open Group's Platinum Members
  Manu Namboodiri, Vice President of Marketing, BitArmor    


Manu Namboodiri Manu Namboodiri is Vice President of Marketing and responsible for strategy and marketing at BitArmor. Most recently, he led product management for Windows Vista deployment technologies at Microsoft.

With extensive experience in the technology industry, Mr. Namboodiri has worked for Morgan Stanley and Sun Microsystems in corporate development and product management leadership positions.

He has a master's degree in computer science from the University of Texas at Austin and an M.B.A. from the Kellogg School of Management at Northwestern University.

   
 


Presentation

Debunking the doomed approach to Virtualization Security

Virtualization security solutions today primarily focus on protecting the virtual OS, the virtual networks, or the hypervisor software itself. More specifically, most current virtualization security technologies are focused on preventing hypervisor root kits, providing intrusion detection, anti-malware, anti-virus, network security, etc. In the physical world, this is similar to individually protecting hardware, operating systems, and the networks that connect them. That is, the focus is mainly on protecting infrastructure and perimeter, not data. Protecting that data, however, proves to be the single most important aspect of virtualization security.

Any computing environment requires four elements: devices/OS, networks, applications, and data. With the advent of virtualization, physical devices are being replaced by flexible, on-demand virtual “devices,” networks are being virtualized and applications are being streamed down from virtual environments. Therefore, the only remaining “constant” element is the data itself and cannot be virtualized (even though its location may be). This data has a longer lifetime than the dynamic, on-demand and ephemeral virtual environment. Why are we spending the majority of resources to protect this shortlived environment, while we should be protecting the more vulnerable and longterm asset, the data?

While protecting the virtual infrastructure is important, the primary focus for protection should be the data ­ the true IT asset. Virtualization is a game-changer for computing and has forced the IT world to rethink its infrastructure; now virtualization security has to be rethought as well. An information-centric approach to persistently protecting the data itself is the only way to really benefit from virtualization and keep the data truly secure.

return to program

 

    
   |   Legal Notices & Terms of Use   |   Privacy Statement   |   Top of Page   Return to Top of Page