One of the hardest things to do is security updates for your IT infrastructure. There are so many moving parts involved from applications owners to cybersecurity teams to change windows. Most teams follow an in-house checklist to ensure they are keeping compliant. Things can be even simpler when the vendor provides security guidelines for you.
The VMware team has updated the VMware Security Configuration Guide (SCG) according to Bob Plankers on the VMware vSphere Blog.
The SCG is the baseline for hardening and auditing guidance for VMware vSphere, with an edition for each release of vSphere. As new threats develop this guidance is often updated. It’s always a good idea to share this content with your security teams so you both understand how security is being handled.
Patching and hardening your infrastructure is your first level of defense. Team are sometimes slow to touch legacy system that have been running for months. They don’t want system updates to break, but the threats are becoming more complex. Whether you have a greenfield or brownfield infrastructure, following the SCG is a great way to stay compliant and secure.
Did you know there was a VMware Security Configuration Guide (SCG)? Have you applied it in the past? What was your experience like? Do you use something else to keep your environment compliant? Let me know on Twitter and thanks for readying.