Any snapshots that were stored that had undetected malware could be reloaded at a future date and cause havoc.– Fibre Channel and i SCSI are clear text protocols and could be vulnerable to man-in-the-middle attacks.– Every time a VM is created, another OS is added that needs to be protected, patched, upgraded and maintained.Additional OS with related issues can increase risk.Encryption can be used on the host bus adapters used in Fibre channel implementations, but many times it’s not used due to the negative performance issues that occur.– If the hypervisor is compromised, any attached VMs will also be compromised, and the default configuration on the hypervisor isn’t always the most secure.Loss of the data on the VM would be equivalent to breaking into a data center, bypassing the physical security, and stealing a physical server.
Any unnecessary or additional images could really be a cause for concern.
– When file sharing is used, a compromised guest can access the host file system and modify or change the directories that are used for sharing.
– When clipboard sharing and drag and drop are used by the guest and host, or when APIs are used for programming, substantial bugs in these areas can end up compromising the whole infrastructure.
Audit logs can also be lost, which would eliminate any record of changes that you may have made on the server.
These unfortunate results can make it difficult to meet compliance requirements.
– VMs that are not isolated can have full access to host resources.