Securing Virtual and Cloud Environments

Abstract

Organisations have to adapt quickly to changes, continuously investigate innovations and be flexible in order to remain competitive. The information technology (IT) landscape has evolved to enable organisations competitive advantage and to meet targets such as reduced costs, scalability, flexibility, capacity utilisation, higher efficiencies and mobility. Many of these benefits are achieved through the utilisation of technologies such as cloud computing and virtualisation. In many instances cloud computing builds on the capabilities of a virtualised computing infrastructure enabling multi-tenancy, scalability and a highly abstracted cloud model. Even though cloud computing and virtualisation provide significant benefits and cost-effective options for IT hosting and expansion, cloud and virtual IT systems are not risk-free. Risks must be understood to ensure adequate security not only for cloud computing, but also for the underlying technologies enabling cloud computing. The focus of this paper is on mitigation for virtualisation and cloud computing security risks as a fundamental step towards ensuring secure cloud computing environments.