Designated a "cool vendor" by Gartner in this year's risk management, privacy and compliance report, HyTrust apparently is looking to add a new moniker, perhaps "prophet of doom and gloom." The company is warning that more than 80% of organizations are not implementing virtualization and cloud infrastructure correctly, and are leaving themselves vulnerable to attack. And, in a related move, the developer of policy management and access control solutions for virtual infrastructure is also announcing a partnership with CA Technologies to improve security and compliance.
As organizations essentially collapse multiple, previously separate IT or data center domains--systems, storage and networking--as they increase their use of virtualization, they are facing attacks on their management layer, says Eric Chiu, president and founder of HyTrust. A good example of this threat, he says, is the Shionogi Pharma breach, where a former employee was able to log into his employer's network from a McDonald's and delete 15 VMware virtual host systems (the equivalent of 88 company servers). The systems were running the organization's email, order tracking, financial and other services.
Chiu says the data was collected from the more than 1,200 customer qualifications the company does annually. There are organizations already using virtualization, and close to 90% of them are not following best practices for virtualization. Further, more than half are moving to management control but are not addressing access controls. "Also, their admins are not using alert tools to let them know when bad things are happening, which puts them at risk like at Shionogi."
As for the CA partnership, Chiu says that combining the HyTrust Appliance with CA's access control and cloud automation solutions helps solve the issues involved in enforcement of end-to-end security policies and compliance controls. The two companies have a number of joint customers, and, with CA being the largest player in this segment, it just made sense to go to market together. Chiu says more details will be forthcoming within the next few weeks. HyTrust also plans to announce a new partnership with Trend Micro around the provision of combined reporting for virtual security.
The CA partnership is a good move, says Dave Bartoletti, senior analyst and consultant, Taneja Group. "I think it’s a very wise choice to partner with a leader [30% market share makes CA a strong contender for leader] and get it right, before trying to build out a larger partner ecosystem. HyTrust has smartly recognized that, as a small firm, they can only effectively manage a limited number of partnerships. I expect them to prove out the CA integration before expanding."
Bartoletti says that too many startups try to partner with too many partners--the "we’ll work with anyone" strategy, to avoid any market limitations. "In practice, we see this in the management space, with every little management vendor touting support for Vmware, MSFT, Xen, RHT, etc. ... The risk is you end up with a 'good enough' solution for any platform, rather than a great solution for one. I think it’s the biggest challenge in the virtualization and cloud management ecosystem: If you’re going to stand out, multiplatform support (or integrating with everyone) isn’t much of a differentiator. You’ve got to build a better mousetrap. And HyTrust still has a unique focus on securing the management plane. I’m glad they are staying focused."
As for HyTrust's warnings, Bartoletti agrees there are valid concerns. "Security is always a trailing feature in disruptive technologies, and securing the management plane has become more important with every IT element that’s virtualized." The reality is that virtual servers are much more portable and transient--and more easily messed with--he says, so enterprises do have to think differently about how they can be attacked, how they can be killed, and how they must be protected.
"The good news is that HyTrust has been laser-focused on these problems from their founding days," Bartoletti says. "As the bigger enterprises move business-critical workloads to virtual machines, they have an established vendor to help them protect their workloads from multiple attack vectors, and from multiple types of administrative dangers.”
See more on this topic by subscribing to Network Computing Pro Reports Security That Never Sleeps (subscription required).