Knowledge gap opens in security

A recent Kaspersky Lab survey has found that although many IT professionals have a solid knowledge of IT security, many of them don’t have a clear understanding around virtualisation security.

According to a Kaspersky Lab global survey, IT professionals who claim to have expert-level knowledge of IT security appear to have a gap in their knowledge around virtualization security. Approximately one-third of these respondents expressed a “clear understanding” of light agent virtualization security or agent-based virtualization security models (34% and 30%, respectively).

Only one-quarter (27%) of these respondents expressed a “clear understanding” of agentless security models. With such a relatively small portion of security experts feeling confident in their understanding of the three major virtualization strategies, the IT security industry still has work to do with regards to raising awareness and education.

It should be noted that between 40% and 50% of respondents reported a “reasonable understanding” of agentless, agent-based, and light agent virtualization security. This indicates that there is at least a good baseline awareness of the technologies. But, that leaves an alarming 25%-31% of IT security experts reporting that they have “no understanding” or “weak understanding” of these virtualization security platforms.

Traditional Security for Virtual Machines:

The survey results, which can be found in Kaspersky Lab’s 2014 IT Security Risks for Virtualization summary report, also pointed to real-world results of this perceived knowledge-gap. One difference can be seen by surveying two groups of IT professionals: those with fully implemented virtualization security, and those with partially implemented virtualization security solutions.

The vast majority (58%) of fully implemented virtualization security solutions were conventional agent-based…the style used to protect physical endpoints. Yet, when asking IT professionals who had only partially implemented a virtualization security solution, the rate of conventional agent-based usage was cut in half to 29%, and newer, more efficient technologies such as light agent and agentless security were used more frequently. This tells us that businesses are just beginning to adopt new styles of virtualization security technology, and their implementation is being slowly phased in.

Perceptions Holding Back Adoption of New Security Technology:

The survey data also pointed to a root cause of the low awareness of specialised virtualization security technology. When IT professionals were asked why they had not adopted a security solution designed specifically for their virtual environments, the two most common answers both pointed to the same conclusion: “our existing anti-malware doesn’t give us problems, and protects more effectively than specialised solutions” (answer: “My existing anti-malware solution provides better protection and performance than other specialist solutions” was given by 24% of respondents: answer: “We do not have any issues with the performance of traditional security solutions in our virtual environments” was given by 20% of respondents). However, third-party testing indicates that these beliefs are misguided and may rely on outdated beliefs that create performance pitfalls for enterprise-level virtual environments.

For example, a study performed by independent security testers AV-Test, compared the results of traditional security deployment – using a software agent on each virtual machine – and specialised ones, like Kaspersky Lab’s light agent approach, which shifts the burden of most security tasks away from the endpoint to a separate appliance. All solutions detected threats similarly well when performing basic AV tasks, but the differences in performance were huge.

The test found that the traditional security measures consumed between 40%-65% more system resources than Kaspersky Lab’s specialised virtual security solution when protecting multiple machines, and could take up to twice as long to boot up virtual machines in heavy load situations.

IT managers and executives are encouraged to learn more about how agentless and light agent security options can significantly boost virtualization ROI.

* Follow Gadget on Twitter on @GadgetZA