4. The newness of hypervisor technology could be an invitation to hackers
Any new operating system is rife with flaws. So, does that mean hackers are champing at the bit to find virtual-operating-system vulnerabilities and launch security attacks?
Industry watchers advise security managers to remain a bit skeptical about virtual operating systems and their potential to introduce more holes and vulnerabilities than they can patch manually.
"Virtualization is essentially a new operating system, which is something that hasn't been done for a long time, and it enables an intimate interaction between underlying hardware and the environment," says Rich Ptak, founder and principal analyst at Ptak, Noel and Associates. "The potential for messing things up is significant."
The virtual hypervisor may not represent as much of a security threat on its own as people might think, however. Having learned from Microsoft's well-publicized problems patching Windows, companies such as VMware may have worked to limit the potential for security holes in the hypervisor technology.
"VMware has done a good job compared to Microsoft, and the vendor seems to be ahead of that type of issue," says Peter Christy, principal at Internet Research Group. "But a hypervisor is a small piece of code that represents a small and limited surface area, which is easier to make more secure than 80 million lines of code."