Securing Data in Virtualized Environments

BitArmor DataControl is a better option for virtualization security

• Persistently protect the data itself
• Encrypt virtual images stored on disk
• Protect data moving among virtual and non-virtual environements

BitArmor DataControl™ continually protects data in virtual environments via its Smart Tag™ technology. Smart Tags contain policies for data protection and are attached to the data itself, both while at rest and moving between multiple devices, including virtual devices. Smart Tags travel with data at all times, so protection remains constant even as files move between physical environments and virtualized ones.

In addition, BitArmor can encrypt virtual images (such as VMware or Virtual PC images) on disk and can ensure the integrity of those images. Moving or copying virtual images does not compromise their security. Read more about how BitArmor can protect data in your virtual environments.

Why BitArmor is better for virtualization security

Any execution environment requires four elements: devices/OS, networks, applications, and data.  With the advent of virtualization, physical devices are being replaced by flexible, on-demand virtual devices. Networks are being virtualized and applications are being streamed down from virtual environments. The only constant, non-virtualized element is the data itself.And this data has a longer lifetime than the virtual elements, thus increasing its exposure and risk profile significantly.

Most virtualization security solutions focus on protecting the virtual OS, virtual networks, or the hypervisor software itself -- very similarly to device-specific security solutions in physical computing environments. This approach does not account for the increased risk on data.

In addition, since information must move between physical and virtual environments, individually and seperately protecting the virtual and non-virtual environments just duplicates a siloed approach. It also adds another set of individual protection solutions to an already complex security infrastructure.

An information-centric approach to Virtualization Security

While protecting the virtual infrastructure is important, the primary focus for protection should be the data – the true IT asset. This data has a longer lifetime than dynamic virtual environments. It also is the only element that can traverse the virtual and non-virtual environments.

When protecting virtual environments, resources can be wasted:  

1. Duplicating separate protection capabilities for virtual and non-virtual environments
2. Protect the ephemeral virtual environment, as opposed to the data itself, that isn't permanent

Virtualization has changed the way we think about computing infrastructure; now virtualization security has to be rethought as well.  An information-centric approach to persistently protecting the data itself is the only way to really benefit from virtualization and keep data truly secure. Data Control and Smart Tag technology are the only solution to continually protect data when faced with these new challenges.