Security Benefits and Challenges of Virtualization in a Cybersecurity Context

Security Benefits and Challenges of Virtualization in a Cybersecurity Context

Cybersecurity is a fast-evolving field that is continually being faced with new challenges for not only individuals but also companies and government agencies. Even though a great population of current users understands cybersecurity as a discipline concerned with protecting computers from viruses and other forms of malware, this is only one aspect of this noble subject (Corallo et al., 2020). It is, therefore, essential for users and organizations to understand that data breaches include breaking into the organization’s network and stealing confidential information that may result in the loss of revenue, together with penalties involved in safeguarding the organization’s assets.

Four fundamental concepts of cybersecurity dictate how data can be protected. The first fundamental concept is device protection, which individuals and companies should prioritize in protecting against cyber threats. Under this concept, individuals and organizations must consider protecting the devices that connect to the internet by adopting anti-virus software, activating two-factor authentication, and performing regular automatic system software updates (Wilson & Kiy, 2014). Second, securing online connections has been identified as a fundamental concept of cybersecurity. Further protection can be offered to individual devices when connected online by using Virtual Private Networks (VPN). Using a VPN ensures that online transactions are secured, including but not limited to browsing details, location, the identity of the user, and any sensitive information belonging to the user, such as passwords or bank details (Wilson & Kiy, 2014).

The third fundamental concept of cybersecurity revolves around securing email communication. Research has depicted cybercriminals as using email addresses to gather sensitive information about individuals or companies. Based on this understanding, encrypting email addresses is highly recommended as one of the proper measures to prevent sensitive data from being illegally accessed by third-party individuals (Wilson & Kiy, 2014). The last fundamental concept of cybersecurity relates to protecting and performing timely backups of files and documents. There are two broad categories of backups: remote backups, which are considered offline measures, and cloud storage, which is considered an online strategy (Wilson & Kiy, 2014). The only problem with remote backups is that they are not easily accessible from anywhere. This is where cloud solutions come in because they can easily be accessed from different locations.

Information assurance (IA) refers to protecting against and managing risks related to data processing, storage, use, and transmission across different systems. The five pillars of information assurance include the protection of confidentiality, integrity, authenticity, availability, and non-repudiation of the data being used by the users (Wilson, 2012). The first pillar of information assurance relates to confidentiality, which prevents the disclosure of information to unauthorized parties, devices, processes, or groups. This pillar calls upon encrypting highly confidential data to prevent third parties from decrypting it. Permission is only granted to authorized parties (Wilson, 2012). Additionally, integrity relates to the accuracy and completeness of vital information. Confidential information belonging to the organization should not be altered during storage or transmitted from one user to another. This requires organizations to have policies in place so that users can know how to use their systems properly.

The third pillar of information assurance is availability, which dictates that authorized users can easily access information services. Under this pillar, organizations must ensure that IT resources and infrastructure have remained robust and functional at all times, even when facing adverse conditions. Information can only be available if the organization protects its system against hackers, malicious codes, or any threats that may be blocking the accessibility of the information system (Wilson, 2012). Fourthly, the authenticity pillar focuses on establishing the validity of a transmission or message or verifying that an individual is authorized to receive some confidential information. Adopting authentication measures is important because it prevents impersonation and requires users to confirm their identities before being granted permission to access the resources on the system (Wilson, 2012). Lastly, non-repudiation focuses on offering proof that confirms the sender’s and recipient’s identity. This prevents either party from denying to have sent, received, or accessed the data.

A host operating system refers to software that runs on a computer by permitting it to communicate with its ha