Security can be a time-consuming role, especially with all the new threats that come at you day in and day out. Finding the right balance in keeping your systems secure is part art and science. So it’s always encouraging when vendors can help ease your struggle with security by taking any guesswork out of it and providing guides that focus on what’s important.
Bob Plankers writes on the VMware vSphere Blog:
We are pleased to announce the availability of the vSphere Security Configuration Guide 7. The vSphere Security Configuration Guide (SCG) is the baseline for hardening and auditing guidance for VMware vSphere itself. Started more than a decade ago, it has long served as guidance for vSphere Administrators looking to protect their infrastructure.
One of the reasons I like these guides is because it encourages consistency across your environment. It’s also a good way to get new folks up to speed on how you harden and audit your systems. I encourage you to share this with your security team so they know you take security seriously.
The other reason is that these guides follow established best practices from the industry. VMware is aligning to NIST 800-53 which will help you to secure your infrastructure faster. I consider this a living document, one that is updated often because there are always new threats on the landscape.
How do you harden and audit your system? Do you use manual checklists that are not updated often? Do you use security software to help guide your designs? Let me know on Twitter and thanks for reading.