Enterprises must adapt their security systems as they move from virtual datacentre use to the private cloud, according to a new report from Gartner.
The analyst firm said that the way companies provide and deliver security services needs to change, and that over a third of all security controls used in datacentres will be virtualised by 2015.
The report identified a number of elements that organisations should consider early on in any transition process when moving from virtualisation to private cloud computing.
"For most organisations, virtualisation will provide the foundation and the stepping stone for the evolution to private cloud computing," said Thomas Bittman, a vice president and distinguished analyst at Gartner.
"However, the need for security must not be overlooked or 'bolted on' later during the transition to private cloud computing."
The nature of security will not change, according to Gartner, but will be delivered in a different way, and should be "decoupled" from physical hardware and allocated to a "fabric" of computing resources.
"Policies tied to physical attributes, such as the server, IP address, Media Access Control address or where physical host separation is used to provide isolation, will break down with private cloud computing," added Neil MacDonald, a vice president and Gartner Fellow.
"For many organisations, the virtualisation of security controls will provide the foundation to secure private cloud infrastructures, but alone it will not be enough to create a secure private cloud."
Gartner said that any virtualised security plans should start with a set of on-demand and elastic services, and that security should be delivered on demand, rather than as part of a set of siloed products.
Security workloads will become standardised as the cloud expands, and can be increased, moved, modified, cloned and retired, Gartner said.
Companies will also need a programmable infrastructure, which means that APIs are used to open up security services.
This will make security "consumable", according to Gartner, and will "enable information security professionals to focus their attention on managing policies, not programming infrastructure".
The analyst firm also suggested that policies should be based on logical as opposed to physical attributes.
By incorporating Runtime context into real-time security decisions, organisations will be able to make quicker and more informed decisions about what action to take during a security incident.
Company that claims Google almost put it out of business celebrates EU Google whacking
Intel launches 64-layer 545-series SSD - but doesn't offer significant performance or price benefits
Not much faster or cheaper than existing technology at the moment, though
Met Police Windows XP migration programme slows with 18,000 PCs still running the antiquated operating system
Met Police still trying to migrate to Windows 8.1 despite its replacement in mid-2015 by Windows 10
Four arrested by City of London police in Microsoft-aided investigation into IT support scam callers
Arrests are 'just the beginning', say City of London Police