BANGALORË, INDIA: So far, there was only one way to be on the fly. Having your own IT wings and investing in them arduously so that no feather is clipped enough to disrupt the flight. But as a new disruptive technology started breathing aloud, there springs another possibility for enterprises.

Chuck the worry of all the capex, opex and maintenance or management hassles of those wings, and instead plop yourself comfy on a cloud. Float free and let the cloud take care of your everyday IT flight. The question, however, is, what if the cloud starts leaking someday? And that's exactly what enterprises are asking before they buy in the oh-so-promising Cloud-9 scenario that vendors swamp them with.

To rephrase it in our routine lingo, Cloud Computing is a pool of abstracted, highly scalable, and managed compute infrastructure capable of hosting end-customer applications and billed by consumption, as Forrester defines it.

Be it your internal IT infrastructure, or your need of additional resources, thanks to cloud technology, an enterprise can now go on an internal or external cloud and let a cloud specialist invest in all the brick-and-mortar of IT while the enterprise can consume its needs over an Internet enabled platform.

The question is, how much security-proof and plug-in-scalability can it promise?

Security Eh!

When a server is virtualized, it is layered upon an operating system called the hypervisor. This is the master supervisor of the inputs and outputs for the server, as experts explain. When another virtual machine (VM) is added to the server, the hypervisor manages all the network linkages and any connections between the two VMs. Of course, this nulls off the need of physical cables, but the downside is that any security gateways that may have existed between the original servers are now absent.

Time and again, flaws have been discovered in components of virtual machine software that has called attention to some of the security risks associated with the practice of running virtual computers on a single system. Recently too, researchers pointed out bugs in platforms of biggies like VM Ware and other noise is being made out time and again.

So how can one assess the security alarms on virtualization in general? And how big and realistic is this CIO concern area?

These incidents really do not undermine virtualization, answers Andi Mann, vice president of research, systems and storage management, Enterprise Management Associates, an IT management research, industry analysis and consulting entity.

"They do, however, highlight a fundamental question,” he adds. "Is the cost of effective virtualization risk management more than offset by the business benefits of secure virtualization? This, in turn, really emphasizes just how much Virtual Systems Management (VSM) including configuration management, compliance reporting, patch distribution, etc is likely to be the key differentiator of virtualization success in any respect. A disciplined approach to IT management reduces risk while yielding business benefits across multiple interests."