Financial services and healthcare are the two business sectors most likely to see security concerns as a barrier to implementing IT virtualisation technology, according to a Kaspersky Lab survey of 3 900 IT professionals worldwide.When asked about attitudes toward emerging technology trends, 50% of financial services respondents agreed that security concerns were hindering their adoption of virtualisation technologies, followed closely by 49% of healthcare industry respondents. These were the two highest response rates to this question, compared to a global average of 40% of all remaining non-industrial sectors (43% with industrial sectors included).
Conventional wisdom would suggest that security concerns toward new technologies might resonate strongly in financial services and healthcare, since both sectors manage huge amounts of highly-sensitive user data. Moreover, both these sectors are bound by strict compliance laws governing the protection and access of their corporate data.
In fact, the financial services and healthcare sectors also ranked the highest in their response to another issue: being overwhelmed by compliance requirements, with response rates of 40% and 38% respectively.
The remaining non-industrial segments had an average response rate of just 27% to “being overwhelmed by compliance requirements” (31% with industrial sectors included). This data suggests that concerns over potential
compliance issues could be fueling the perceived “security concerns” that the survey found to be associated with new virtualisation technology.
Interestingly, these two sectors, which seem so reluctant to implement new virtualisation technologies, don’t seem overly concerned about securing the virtual machines they already have. In the financial services industry, “Security of Virtualised Infrastructure” was listed as a top IT security concern by only 16% of respondents, and only 12% in healthcare, compared to an overall average of 14%.
Kaspersky Lab has previously reported that a large portion of IT professionals lack a strong understanding of virtualisation security.
The survey found at least one-quarter of all IT professionals had “no understanding” or “a weak understanding” of their virtualisation security options, and the vast majority of existing virtualised infrastructure was being protected by traditional “agent-based” security. Agent-based security is the same style of security used to protect physical endpoints, but can result in performance issues and security gaps when applied to virtual machines.
Based on this data, we can theorise that IT providers in the compliance-heavy Financial Services and Healthcare sectors are concerned that adding new virtual platforms to their networks may require virtualisation-specific security measures, which they don’t fully understand.
If this theory is correct, IT departments in the Financial Services and Healthcare sectors aren’t reaping the potential benefits that virtualised infrastructure can bring to their networks based on a fear of unfamiliar security technology creating compliance issues and other risk-factors.
Modern virtualisation security platforms, based on agentless and light agent approaches, can actually reduce the complexity of managing virtual networks, boost overall network performance and can be customised to ensure that security requirements of compliance regulations are fully met.