Re: Virtualization and Security ?

["St Clair, Jim" <Jim.StClair () GT COM>]

Joel Rosenblatt wrote:
> This is what happens when you have too many specialists :-)

That's true, but I would also think there is an segregation of duties
(SoD) issue - depending on your use of virtual servers, do you want the
OS admin to also manage the virtual environment?

James A. St.Clair, CISM, PMP
Senior Manager
Global Public Sector
Grant Thornton LLP
T  703-637-3078
F  703-637-4455
C  703-727-6332
E  jim.stclair () gt com


The people in the independent firms of Grant Thornton International Ltd provide personalized attention and the highest 
quality service to public and private clients in more than 100 countries. Grant Thornton LLP is the U.S. member firm of 
Grant Thornton International Ltd, one of the six global audit, tax and advisory organizations. Grant Thornton 
International Ltd and its member firms are not a worldwide partnership, as each member firm is a separate and distinct 
legal entity.
In the U.S., visit Grant Thornton LLP at http://www.grantthornton.com/.
-----Original Message-----

From: The EDUCAUSE Security Constituent Group Listserv
[mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Joel Rosenblatt
Sent: Tuesday, November 11, 2008 12:48 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: Virtualization and Security ?

Because they didn't have access to the EMX console - they were admins
for the underlying OS only, not the virtualization.

This is what happens when you have too many specialists :-)

Joel

--On Tuesday, November 11, 2008 10:34 AM -0700 Eric Case
<ecase () email arizona edu> wrote:

> At 09:40 AM 11/11/2008 -0500, Joel Rosenblatt wrote:
> > One thing that we ran into was that the administrator of the hosting
> > system should be able to shut down each virtual machine separately -
> > we had one virtual machine compromised over a weekend and the only
> > person available was the admin of the host - so, the whole system
> > was shut down until we could dig up the admin of the bad virtual
host.
>       Why didn't you suspend the compromised machine?
> -Eric
>
>
> Eric Case, CISSP  <ecase () Arizona edu>
> Information Technology Services Coordinator
> Information Security Officer
> College of Engineering   <http://www.Engr.Arizona.edu>
> 1127 E James E. Rogers Way Room 200
> Tucson, AZ 85721-0020
> Mobile Phone 520-275-6436



Joel Rosenblatt, Manager Network & Computer Security
Columbia Information Security Office (CISO)
Columbia University, 612 W 115th Street, NY, NY 10025 / 212 854 3033
http://www.columbia.edu/~joel

In accordance with applicable professional regulations, please understand that, unless expressly stated otherwise, any 
written advice contained in, forwarded with, or attached to this e-mail is not intended or written by Grant Thornton 
LLP to be used, and cannot be used, by any person for the purpose of avoiding any penalties that may be imposed under 
the Internal Revenue Code.
--------------------------------------------------------------------------
This e-mail is intended solely for the person or entity to which it is addressed and may contain confidential and/or 
privileged information. Any review, dissemination, copying, printing or other use of this e-mail by persons or entities 
other than the addressee is prohibited. If you have received this e-mail in error, please contact the sender 
immediately and delete the material from any computer.