Who should secure virtual IT environments?

Home
Topics
Application and Platform Security
Virtualization Security Issues and Threats
Who should secure virtual IT environments?

Who should secure virtual IT environments?

Who should secure virtual IT environments?

Date: May 04, 2009

Security blogger Chris Hoff and Citrix CTO Simon Crosby discuss whether security companies or virtualization vendors should be responsible for the security of virtual environments. The two security experts sat on a panel discussion with VMware's Stephen Herrod at the 2009 RSA Conference in which the future of virtualization technology was discussed. The experts agreed that the evolution of the technology could change drastically over the next 18 months. The interview was conducted by Information Security magazine's Michael S. Mimoso.

Part 1: Who whould be responsible for security of virtual environments?

Part 2:Crosby and Hoff talk about how the industry is challenged by vendor proprietary interests despite the desire by customers for highly automated environments.

More on Virtualization Security Issues and Threats

Revitalizing endpoint security with VDI desktops
VIDEO - Implementing VDI desktops provides an opportunity to re-architech endpoint security and management. Learn how in this supercast with Eric Ogren.
PCI encryption, virtualization standards: Interpreting PCI guidelines
VIDEO - Get expert advice on understanding the PCI encryption requirements and virtualization guidance in this video.
Integrating virtual-aware security technologies
VIDEO - In this video presentation, enterprise information security expert Dave Shackleford offers an overview of the key enterprise virtualization security product segments on the market today and key considerations for when to consider them.
Four VDI security concepts for every virtual desktop deployment
Tip - Traditional IT security measures don’t always apply well to virtual desktop infrastructures; apply these four VDI security concepts.
VDI security supports active protection strategies
Magazine - ISM November 2011 cover story: Eric Ogren on how virtual desktop infrastructure enhances compliance, data protection and malware protection.
JeOs and the benefits of a virtual security appliance
Answer - A virtual security appliance offers enterprises a number of benefits, including an optimized operating system that simplifies patch management.
Cloud computing providers and PCI virtualization requirements
Answer - How should an enterprise approach its cloud computing providers following the debut of the PCI virtualization requirements? Charles Denyer explains.
Can the VMware PCI Compliance Checker assess my compliance posture?
Answer - The VMware PCI Compliance Checker claims to assess the compliance of a VMware virtual environment. Does it work? Charles Denyer has the answer.

More from Related TechTarget Sites

Security Channel
Cloud Security
SMB Security
Financial Security
Security UK
Security AU
Security IN

Security Channel
- Survey results: VARs report customers’ IT spending 2012 expectations
  
  VARs expect customers to increase spending on security more than any other IT area in 2012. See which security segments will grow the most.
- Create a computer security blog to attract and retain customers
  
  Blogging can produce new leads for security solution providers. Focus on content in your computer security blog that connects with customers.
- Penetration testing tutorial: Guidance for effective pen tests
  
  This penetration testing tutorial contains essential tips to help solution providers uncover vulnerabilities in clients’ networks.
Cloud Security
- Are cloud providers HIPAA business associates?
  
  Deciding whether your cloud provider is a business associate comes down to a judgment call based on the type of cloud usage.
- SaaS security: Weighing SaaS encryption options
  
  A look at SaaS encryption techniques and challenges.
- Panel debates cloud computing governance issues
  
  Problems with data governance in the cloud aren’t much different than traditional outsourcing.
searchMidmarketSecurity
- Windows Phone 7 security: Assessing WP7 security features
  
  Windows Phone 7 security features are proving to be a mixed bag. Sam Cattle assesses the enterprise security pros and cons of the latest Windows mobile platform.
- Choosing the best security certifications for your career
  
  Whether starting your career or planning your next step as an IT security professional, this tip will guide you toward the best certifications for your interests and experience.
- Midmarket security tutorials
  
  SearchMidmarketSecurity.com’s tutorials offer IT professionals in-depth lessons and technical advice on the hottest topics in the midmarket IT security industry. Through our tutorials we seek to provide site members with the foundational knowledge needed to deal with the increasingly challenging job of keeping their organizations secure.
searchFinancialSecurity
- Web application threats: What you really need to know
  
  In this special presentation, Mike Rothman details today's top Web application threats and pragmatic methods to integrate security into the Web application development process.
- Ramnit worm variant now dangerous banking malware
  
  The Ramnit worm now supports man-in-the-middle attacks, giving cybercriminals the ability to drain a victim’s bank account.
- SIEM vendors make the case for extending SIEM product capabilities
  
  Advanced features can reduce the threat of wire fraud. New rule sets can be shared among banks and credit unions.
Security UK
- Study finds attacks slip past spotty patch management policies
  
  A study finds attackers targeting firms with poor patch management policies, exploiting vulnerabilities that should have been patched years ago.
- Survey: Types of DDoS attacks on the rise due to hacktivist groups
  
  New DDoS statistics suggest hactivist groups are to blame for an increase in the number and types of DDoS attacks across the Internet.
- Web application vulnerability statistics show security losing ground
  
  New Web application vulnerability statistics show the number of vulnerabilities is rising, despite the use of Web application development frameworks.
searchSecurityAU
- AISA launches new website
  
  With a reinvigorated look and feel, improved back-end infrastructure, and regularly updated information about the association the Australian Information Security Association website has been re-launched for the benefit of its members and the Australian IT Security industry.
- Cisco hardening guides for IOS, IOS-XR and NX-OS devices
  
  Patching routing and switching infrastructure in any organisation is often delayed, sometimes due to the potential impact on production systems and sometimes because the IT resources are simply too busy fighting fires.
- Cloud providers and data sovereignty issues
  
  Australian cloud provider Ninefold warn that understanding who has legal access to company and personal private data is not as simple as checking a box and selecting the 'in-country' option.
Information Security
- Airtel’s DLP technology rollout makes data egress a thing of the past
  
  Airtel’s DLP technology implementation, India’s largest, went live in December 2010. Join us in exploring its inner workings, even as it is poised for bigger things.
- February 2012 Patch Tuesday to address 21 vulnerabilities
  
  Microsoft plans to fix coding errors in Internet Explorer, .NET Silverlight and Microsoft Office.
- IDFC’s information security awareness week tastes success with ‘Mr Gobo’
  
  Financial major IDFC set out to craft its information security awareness initiative with a portal that led users via a ‘Mafia don’s den’. Step in for more.

All Rights Reserved, Copyright 2000 - 2012, TechTarget