After reading this article, I had a few dissenting thoughts, maybe someone will provide their perspective?

The article suggests not running critical workloads virtually based on a failure scenario of the hosting environment (such as ransomware on hypervisor).

That does allow using the ‘all your eggs in one basket’ phrase, so I agree that running at least one instance of a service physically could be justified, but threat actors will be trying to time execution of attacks against both if possible. Adding complexity works both ways here.

I don’t really agree with the comments about not patching however. The premise that the physical workload or instance would be patched or updated more than the virtual one seems unrelated. A hesitance to patch systems is more about up time vs downtime vs breaking vs risk in my opinion.

Is your organization running critical workloads virtual like anything else, combination physical and virtual, or combination of all previous plus cloud solutions (off prem)?

  • RedFox@infosec.pubOP
    link
    fedilink
    English
    arrow-up
    7
    ·
    2 months ago

    Seems like your org has taken resilience and response planning seriously. I like it.

    • superkret@feddit.org
      link
      fedilink
      English
      arrow-up
      5
      ·
      2 months ago

      Another newspaper in our region was unprepared and got ransomwared. They’re still not back to normal, over a year later.
      After that, our IT basically got a blank check from executive to do whatever is necessary.

      • RedFox@infosec.pubOP
        link
        fedilink
        English
        arrow-up
        5
        ·
        2 months ago

        Blank check

        Funny how that seems to often be the case. They need to see the consequences, not just be warned. An ‘I told you so’ moment…

        • superkret@feddit.org
          link
          fedilink
          English
          arrow-up
          2
          ·
          2 months ago

          I’m just glad they got to see the consequences in another company.
          Their senior IT admin had a heart attack a month after the ransomware attack.