Articles Tagged with DISA

Virtualization Security for the SMB, Starting Point for All

The most recent Virtualization Security Podcast was on the subject of virtualization security for the SMB. Specifically covering the case where the customer wanting virtualization security could afford to purchase a hypervisor and perhaps one other security product. In the end the panelists came up with a list of suggestions for virtualization security for the SMB that are applicable to all levels of Virtualization. The panel looked at SMB security with an eye towards Availability, Integrity, and Confidentiality.

The list follows:

  • Download/create a Security and Incident Response Policy: It is very important to have a policy as this will not only let you know your responsibility and legal coverage but will also contain what you need to do if there is a security incident we respect to your data and environment.
  • Segregated your virtualization networks from production networks: Virtualizition Networks are not virtual networks but those networks required by the hypervisor functionality such as Management Appliance, Fault Tolerance, High Availability, LiveMigration/vMotion, and Storage virtual networks.

    Read More

NIST Cloud Computing Definitions Final

On the Virtualization Security Podcast from several weeks ago, wh had Craig Balding of the Cloud Security Alliance (CSA) and Peter Mell who heads up Cloud within NIST as guests, who announced the availability of the NIST Cloud Computer Definitions as well as some basic guidance around securely using the cloud. While the NIST definitions were available in draft form prior to a few weeks ago, they are now official definitions, and this is a large step forward for the cloud.

Read More