By 2016, experts predict that virtualization will encompass 86% of all server workloads, meaning virtual machines (VMs) are more commonplace than physical servers. Given this trend, data centers must develop best practices that ensure the same level of data security for virtual environments as they do for physical ones.
Part of a comprehensive data center security policy involves creating effective data-erasure practices for active virtualization environments like VMware. Such practices require secure, auditable erasure solutions that can overwrite data without affecting operations, data center productivity, other VMs or activities on the physical host.
As an example, erasure of VMs in the popular VMware environment can occur in a variety of ways, and it is important for data centers to understand when to perform it in the data lifecycle. Such erasure provides proactive data-leak prevention and full compliance with an overall data security policy, as well as with customer demand, security standards and regulatory requirements, while also providing detailed reports for a transparent audit trail.
Challenges of Erasure in a Virtual Environment
With the increase in stored information and managed applications driven by the growth in cloud services, data centers are challenged more than ever to protect the valuable data their hardware contains. A vigilant data-erasure policy not only protects data, it also opens doors for data centers to compete and better serve customers in regulated industries such as government clouds, health care, finance and retail.
VMs require the same level of security as physical servers, yet their erasure presents different challenges: it must be done in an active, online environment without affecting other VMs running on the same hardware, which calls for a targeted erasure that avoids interrupting operations.
Although attention previously centered on pulling data into the cloud, it is now shifting to securing this data when it exits or moves, as with a change in service providers. Protecting data throughout its lifecycle using a comprehensive data end-of-life policy helps cloud and managed-service providers improve security by erasing data when equipment is reassigned. Such a policy can also target specific information for erasure on a time- or event-driven basis, as required by standards like the Payment Card Industry Data Security Standard (PCI DSS) and the ISO 27001 Security Standard. Additionally, data-erasure tools provide the required proof of erasure in the form of detailed, auditable reports about every VM or logical unit (LUN) that is erased.
Also, organizations such as the Cloud Security Alliance require secure erasure of user data at the end of the data lifecycle, as well as auditable proof of it having taken place. All cloud providers that are part of this organization (or similar organizations) must adhere to these guidelines. In addition, a recently published ISO standard, 27018, primarily focuses on protecting the privacy and personal data of the end users in cloud environments.
Erasing VMs on the vSphere Hypervisor (ESXi) Platform
For VMs hosted on an ESXi platform, simply deleting them or removing them from the inventory does not securely erase them. With a data-erasure tool installed directly at the ESXi level, VMs in vSphere can be erased manually or by script for automated, on-demand erasure. During erasure, all files associated with the targeted VMs (VMDK, VMSD, VMX and VMXF) are securely erased.
Targeted erasure of a VM is necessary, for example, when a customer deletes a VM or changes service providers. Data-erasure tools can accomplish this task without requiring a reboot of the host device. After erasure, the storage can be safely reused without compromising customer data.
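The difference between deleting a VM's files and overwriting them first, with a per-file record kept for audit, can be sketched as follows; this is an added example, not code from the article, VMware or any erasure product. It assumes a file-level overwrite on storage that writes in place (snapshots, thin provisioning or storage that remaps writes must be handled at the storage layer), and the report layout, `erase_vm_dir` and the operator name are hypothetical.

```python
import hashlib, json, os, tempfile

VM_EXTENSIONS = {".vmdk", ".vmsd", ".vmx", ".vmxf"}  # file types the article lists
CHUNK = 1 << 20  # overwrite in 1 MiB blocks

def overwrite_file(path, pattern=b"\x00"):
    """Overwrite a file in place with a one-byte pattern, sync, then read back."""
    size = os.path.getsize(path)
    with open(path, "r+b") as f:
        remaining = size
        while remaining:
            n = min(CHUNK, remaining)
            f.write(pattern * n)
            remaining -= n
        f.flush()
        os.fsync(f.fileno())  # push the overwrite to storage before verifying
        f.seek(0)
        verified = all(not block.strip(pattern)
                       for block in iter(lambda: f.read(CHUNK), b""))
    return size, verified

def erase_vm_dir(vm_dir, operator="example-operator"):
    """Overwrite and remove a VM's files; return an audit report (hypothetical format)."""
    report = {"vm_dir": vm_dir, "operator": operator, "files": []}
    for name in sorted(os.listdir(vm_dir)):
        path = os.path.join(vm_dir, name)
        ext = os.path.splitext(name)[1].lower()
        # Skip unrelated files and never follow symlinks out of the VM directory.
        if ext not in VM_EXTENSIONS or os.path.islink(path) or not os.path.isfile(path):
            continue
        size, verified = overwrite_file(path)
        if verified:
            os.remove(path)  # unlink only after the overwrite was confirmed
        report["files"].append({"name": name, "bytes": size,
                                "verified": verified, "removed": verified})
    report["complete"] = bool(report["files"]) and all(f["verified"] for f in report["files"])
    # Digest over the report body so later edits to the record are detectable.
    report["sha256"] = hashlib.sha256(json.dumps(report, sort_keys=True).encode()).hexdigest()
    return report

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as d:  # constructed sample VM directory
        for name, data in {"demo.vmx": b"config", "demo-flat.vmdk": b"secret" * 1000,
                           "notes.txt": b"keep"}.items():
            with open(os.path.join(d, name), "wb") as f:
                f.write(data)
        print(json.dumps(erase_vm_dir(d), indent=2))
```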
Erasing VMs Through vCloud Director
As with VMs on the ESXi platform, VMs accessed through vCloud Director (the provisioning portal) are constantly being deleted or moved within the data center, necessitating data erasure. Data-erasure tools can add an extra dimension to vCloud Director’s already strong security foundation. By offering seamless integration and access through the vCloud Director user interface, these tools automatically destroy all data on VMs or vApps in active systems when the “delete” command is issued. Using this feature, data centers can easily erase VMs that are no longer valid, helping support internal and external infrastructure-as-a-service offerings.
Erasing From an In-House Developed Portal
No matter what interface is used to access VMs, data-erasure software can securely erase a VM at the host level. For example, end users running VMware ESXi hosts often deploy VMs with an in-house developed portal instead of vCloud Director. In this situation, data-erasure software is installed on the ESXi hosts and executed from the in-house developed portal through the erasure software’s REST API.
Supporting the Software-Defined Data Center
Whatever the virtualization environment, today’s software-defined data centers need a strong data-erasure policy to manage and protect customer data and their own reputation as a cloud provider. By incorporating data-erasure policy and technology in daily operations, data centers can ensure this protection and auditability without harming operations.
About the Author
Lucas Weber is product manager for the Live Environment Erasure suite of products from Blancco, the global leader in data erasure. Weber focuses on helping organizations adhere to their data-erasure compliance requirements in the software-defined data center.