The most important THING is people’s intentions. But you asked for the most important technological advance.

I know the net is nearly as old as I am but each astounding new fad (Flickr, Digg, Facebook)reminds us we’ve yet to get to grips with its full implications. Just as, indeed, I’m still trying to work out what i’m doing here.

Yes, I’d agree that the vast majority of virtualisation stuff is intra-company rather than, say, cross-customer at a managed co-lo facility (btw, I often use the managed co-lo scenario as the toughest one I can think of, from the perspective of security issues and rigour), but even then, I’ve heard about places where different departments do not trust eachother to have over-arching authority on what they see as “their” systems. This tends to hapen more often when consolidating per-geo systems into a multi-geo environment in a multinational organisation, at which point the differences in governance requirements cross-geo can also raise interesting issues. From a CSIA perspective, of course, this is unlikely to be an issue.

Consider virtualisation; in its many forms, it’s probably been the “buzzword du jour” for the last few years. I’m not calling virtualisation a threat, by any means, but it serves as a useful example of how the use of sufficiently complex enabling technologies can create threat or the perception of threat if incorrectly handled.

People like to be able to point to a storage array and say “this is where my data is”. Storage virtualisation can take that “level of comfort” away.

When consolidations are performed into new virtualised environments, the question of “ultimate authority” can sometimes arise. If Dept A and Dept B, who used to have a machine each, have their machines replaced with zones on a Solaris 10 box, they will be concerned about who has root in the global zone. If you instead give them each a logical or physical domain on the same box, they will be concerned about who has root on the domain controller. Naturally, this is something fixable in policy, but the threat of compromise of the “ultimate authority” system still needs to be mitigated.

When you also consider hypervisor environments and products such as VMWare, concern arises regarding what can be done to a guest OS from the host OS. While there is no VMWare product which supports Solaris as a host OS at this time, I speculate that it would be “difficult but interesting” to use DTrace to modify the behaviour of a VMWare guest OS, or what the guest OS sees in its I/O environment.

Mechanisms need to be in place to ensure that such tools are not installed “at the wrong level” in such environments.

In fact, if you extend “virtualisation” to “security abstraction in general”, you get to the point where web services can declare all manner of interesting security conformities to eachother, oblivious to a Bad Guy sitting at the root shell of the environment that a service is running in, watching everything it does.

Virtualised infrastructures, IMHO, require the most rigorous and joined-up policies and procedures. This tickles my irony bone, but also makes me wonder whether we can be certain that the procedures close or mitigate the existence of the potential holes.