VMWORLD 2016: Digital transformation is exciting for many businesses, but VMware has made sure that security plays an integral role
According to Rajiv Ramaswami, VMware’s executive vice president and general manager of Networking & Security, the average cost of a data breach now stands at €4 million – a figure that could bankrupt many businesses.
The rise in use of mobile devices, virtualisation and cloud environments has dramatically increased the number of potential attack vectors organisations have to be aware of and protect accordingly.
CEO Pat Gelsinger added that by 2021 there will be 18 billion machine devices online, meaning IoT devices rather than smartphones or tablets. While he said that is an opportunity for VMware, it is also undoubtedly a threat to businesses.
The recent leak of source code behind “Mirai,” which can control botnets made up of hijacked IoT devices, is proof of that.
As TechWeekEurope reported earlier, VMware has also updated a number of its products with new security features. vSphere 6.5 will now support native VM encryption, protecting data at rest and in motion. A Secure Boot function has also been added, ensuring that only authorised code and images can run.
Ray O’Farrell, CTO at VMware, said: “vSphere has built-in security to protect the data and the infrastructure itself, and to make sure the access to that infrastructure is secure.
“One of the challenges you have is that when you encounter a security event you really need to understand exactly what’s going on. That requires forensics. We’ve added audit-quality logging, which helps understand who has made changes to a system, and what changes have been made within the system.”
Updates to Workspace One include new data loss prevention (DLP) features added to Office 365 environments. Users are no longer able to link Office 365 applications to personal file-sharing services. VMware says this reduces the possibility of sensitive information being leaked outside the organisation.
Ramaswami spoke about the potential of NSX, VMware’s network virtualisation platform, from a security point of view. It uses something called micro-segmentation, which creates walled-off sections of the network. This keeps them separate from the larger network and therefore reduces risk.
This approach can help companies provide a safe environment for applications, Ramaswami said. “For IT professionals, the challenge is to evolve your networking and security architectures to enable you to run these applications anywhere. That’s why network virtualisation is relevant and critical, and needs to be an integral part of the environment going forward.”
“With micro-segmentation, pioneered by NSX, it’s as if each application gets its own firewall,” Ramaswami added.