The Virtualization Practice

Tag Archive for HIPAA

VirtualizationSecurity

Security is not compliance and compliance will not get you security. At least that is what I hear from security teams. Conversations with security focal team members from non-security focal people can be quite interesting and has its unique challenges and hurtles to overcome. You can find yourself speaking the same language but not fully understanding each other very well at all. One topic point of discussion is that “security is not compliance and compliance will not get you security.” Or does it?

VirtualizationSecurity

Cloud based security is about securing the data, yet compliance requirements are often about securing the environment, such as PCI’s requirement for web application firewalls, which protect web servers and perhaps applications and imply protection of data. But they do not directly protect data. How can a Software Defined Data Center implement a form of Software Defined Security automatically to meet not only compliance requirements, but security around a particular mote of data?