Virtualization security audit


Published on

Published in: Technology
1 Like
  • Be the first to comment

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

Virtualization security audit

  1. 1. Virtualization Security Audit Background Server Virtualization is defined as the capability to run multiple operating system images on a single hardware server at the same time. To grow in the fast paced environment, organizations have been implementing server virtualization being cost effective and high return on investment. Securing virtual machines is equally important as securing the physical servers. Hence the guest operating system that runs in the virtual machine is subject to the same security risks as a physical system. Therefore, it is critical that you employ the same security measures in virtual machines that you would for physical servers. The NII Approach We help organization to identify how virtualized environment might impact their business  Administrators may not be knowledgeable about exploits which specifically target virtual machine environments  Inadequate or insufficient tools available for proper monitoring of the virtualized environment  Inadequate training of administrators in virtualization technologies and problems  Compromised system security and confidentiality  Insufficient allocation of resources  Security breaches leading to lost productivity, reputation loss, and remediation costs How we help We provide management with a comprehensive assessment of the effectiveness of the configuration, controls over, and security of the virtualized servers operating in the enterprise’s computing environment. This audit mainly focuses on governance, configuration, management, and physical security of the relevant virtualized servers in the enterprise, with specific emphasis on control issues specific to virtualized environments. Key Audit Areas  Identity management  Security incident management  Risk management  Vulnerability management and testing © Network Intelligence India Pvt. Ltd.
  2. 2. DESKTOP VIRTUALIZATION Desktop Virtualization has been growing maturity of the market recently as it has replaced the traditional approach of managing OS, applications and user settings on one at a time basis. It has more flexible approach which separates a personal computer desktop environment from a physical machine using a client server model computing. In other words desktop virtualization has major impact on the people or group of peoples who need to work in an organization together on different processes and their interaction with new technologies. The NII Approach We help organization to identify how desktop virtualized environment might impact their business  Lower cost of deploying applications.  Reduced IT staff, increased productivity, and the ability to rapidly adapt to change by adding users, supporting teleworking, hot-desking, etc.  secure remote access to an enterprise desktop environment  Anywhere access from connected devices  Organization at some extend eliminates redundant data, workload and management process. How can we help We at NII help organizations to benefit from desktop virtualization by helping to:  Identify which desktops in the organization are ideal for desktop virtualization.  Identify if organization needs business continuity and disaster recovery plan as the advanced desktop virtualization solutions are capable of doing it.  Identify and analyse how organization will save money and time with this solution.  Decide on how organization can benefit from virtual desktops in terms of productivity.  Ensure organizations benefit from centralized management and control i.e., as all desktops can be managed and controlled from a central location.  With central management how organizations can benefit with fast and easy administration and security policies. Key Audit Areas Typical challenges that you are likely to face when implementing desktop virtualization are:  Infrastructure and storage  Lack of trained resources  User experience  Flexibility  Availability  Network performance About us: Network Intelligence, incorporated in 2001, is a committed and well-recognized provider of services, solutions and products in the IT Governance, Risk Management, and Compliance space. Our professionals have made a mark for themselves with highly satisfied clients all across the globe supported by our offices in India and the Middle East. As an ISO 27001-certified company ourselves, we are strongly positioned to understand your needs and deliver the right answers to your security and compliance requirements. We have won accolades at numerous national and international forums and conferences. Our work truly speaks for itself and our clients are the strongest testimony to the quality of our services! Network Intelligence India Pvt. Ltd. 204 Ecospace IT Park, Off Old Nagardas Road, Andheri East, Mumbai 400069, India PO Box 122074, SAIF Zone, UAE Email: © Network Intelligence India Pvt. Ltd.
  3. 3. Tel: +91 22 28392628 | +91 22 40052628 © Network Intelligence India Pvt. Ltd.