Green IT seems to offer the best of all possible worlds: Help the planet while improving the bottom line. But there's a dark side to Green IT as well --- the hidden security dangers that you most likely overlook when you embark on a Green IT program. Here's what you need to know.

Perhaps the most important and most-used Green IT technology is virtualization, which is one of the easiest way to green IT, especially for consolidating servers and the data center. In this blog post, I'll write about virtualization dangers and possible solutions. I'll follow up in future blog posts with other Green IT dangers.

Virtualization presents a variety of security challenges, because it essentially doubles the ways in which your servers can be attacked. Without virtualization, you only need to worry about the machine itself being attacked. With virtualization, you also have to worry about the virtual machines (VMs) running on the physical machine being attacked as well.

Making it even more difficult is that often multiple machines run on a hypervisor. So you also need to worry about the hypervisor being attacked.

There are even more dangers. VMS can be easily ported, which means that someone can literally walk out the door with your servers on a USB drive, or can send them via email over the Internet.

VMs can be easily created, and many pre-created ones are available for download and customization. This makes it much more difficult for the IT department to control the number of servers running in a data center, and knowing what each server does. It's possible for someone to plant a rogue VM on a network that can do many different kinds of damage, such as gathering data, or even spewing spam.

Even when the VM is created for a good purpose, it can become a security danger. If you can't keep track of all the servers, how can you make sure that each has the latest security patches? Without those patches, the servers are vulnerable to attack.

The upshot? If you embark on a Green IT project with virtualization at its core, you need to make sure that security is baked into it from the very beginning. This means more than just devising security protocols. You'd do well to get security software specifically designed for virtualization.

VMware recognizes the problem, and has acquired a number of companies that handle virtualization security, so if you're using VMware for virtualization, look into its security. In addition, check with other companies that specialize in virtualization security, such as ManageIQ and Catbird.

Eclipse photo CC-licensed by Flickr user James Jordan.