Virtualization and Cloud Compliance
Virtualization and the cloud changed everything. Including compliance.
As more and more sensitive data is hosted on virtual and cloud infrastructure, that infrastructure moves “in-scope” for compliance controls. For example, under PCI DSS the hypervisor (vSphere, KVM) is always in scope. Unfortunately the “out of the box” security controls are often insufficient to meet these or other requirements, leaving organizations at risk for audit failure, fines, data breaches and disclosure reporting.
HyTrust offers a unique set of operationally-efficient compliance controls for virtual and cloud infrastructure that enables organizations to more easily meet the regulatory demands of PCI, HIPAA, CJIS, FedRAMP, SOX and more:
- Comprehensive vSphere/vCenter administration controls: Two factor authentication, secondary authorization, segmentation of duties, and audit-quality activity and exception reporting with configurable threshold-based alerting
- Configuration hardening for virtual infrastructure
- Virtual machine encryption to meet Safe Harbor and data protection requirements
HyTrust solutions simplify the task of implementing the continuous compliance controls increasingly being called for in “Business As Usual” guidelines. With the prevalence and cost of data breaches, security is no longer just about “passing the audit”.