You can't secure what you don't acknowledge.SM

Tuesday, April 21, 2009

RSA news: virtual machine security, finally!?

Now vendors and developers have a way to ward off down those dreaded virtual machine vulnerabilities plaguing every network. It's VMware's VMsafe API to the rescue. Finally a virtual machine security solution!

Now if we can just find a way to get people to:
  1. Require strong passwords on their virtual machines
  2. Patch their virtual machines
  3. Disable unnecessary and unsecured network shares on their virtual machines
  4. Turn off unneeded services on their virtual machines
  5. Encrypt the drives on their virtual machines
  6. Backup their virtual machines
  7. Test for security vulnerabilities on their virtual machines
To me - and this is just my humble opinion - unless and until network admins and security managers put the most basic security controls in place, why even bother with all this fancy virtual machine hypervisor API stuff?

'nuff said.

No comments:

Post a Comment