Federal agencies, state agencies and the military, like other organizations, have widely adopted virtualization in order to take advantage of not only the increased agility but also the greater efficiency and cost savings that virtualization and the cloud bring to IT.
While virtualization does enhance the agility and cost effectiveness of IT, it also creates a very high value target – the hypervisor. Where in the past you might have a larger number of physical servers devoted to a particular mission, it is now possible to have a larger number of virtual machines hosted on a single hypervisor supporting that mission. This of course means that any compromise of the hypervisor or hyper administrator account will have larger implications for the overall mission that the compromise of any single machine would have in the past.
HyTrust can help with a variety of solutions and challenges. Read more:
- Boundary Control – HyTrust BoundaryControl powered by Intel® TXT.
- FIPS-140-2 – HyTrust DataControl Encryption is FIPS-140-2 Level 1 Certified and listed on the NIST 140 Validation Page so you can be confident that even in the cloud your data is safe.
- FISMA – the Federal Information Security Management Act (FISMA) is intended to ensure that computer systems used by the federal government all meet certain basic requirements. Part of the act was to call upon NIST to create some guidelines with regard to security, including NIST SP 800-53 rev 4, Security and Privacy Controls for Federal Information Systems and Organizations. 6 of 18 NIST 800-53 control families focus on visibility into and control over access, configuration and system integrity, all areas where HyTrust helps fill gaps between FISMA/NIST requirements and native virtualization platform capabilities.
- FedRAMP – HyTrust supports at least 27 core FedRAMP controls central to the hypervisor and management plane, simplifying certification and reducing training and staffing costs. Learn More
- HIPAA/HITECH – HIPAA (Health Insurance Portability and Accountability Act) and the follow-on HITECH (Health Information Technology for Economic and Clinical Health) Act are both intended to help protect the integrity of electronic protected health information (ePHI). Learn More
- CJIS – the FBI’s Criminal Justice Information Systems Compliance Specification, version 5.3, sets the standard for information security for criminal justice organizations in the US. Of the 13 Policy Areas of the specification, HyTrust can directly help with seven, including Incident Response, Auditing and Accountability, Access Control, Identification and Authentication, Configuration Management, Systems and Communications Protection and Information Integrity and Formal Audits. Learn More. See also CJIS Compliance with HyTrust, VMware and Intel.
- HyTrust/Intel® Federal Blog – we have a blog with content for government agencies and organizations from .mil to .gov, which we invite you to view HERE.