Identifying and mitigating risk in virtual environments
Accuvant announced its FIDELITYv framework for identifying and mitigating risk in virtual environments which helps organizations realize more secure and agile IT models with additional cost benefits.
“Accuvant has dedicated a team of experts to research the challenge of security in virtualized environments, and found there is limited expertise and understanding in the market,” said Steve Perkins, director of secure virtualization for Accuvant. “Most organizations have been adopting virtualization by transplanting traditional physical world security models and security products into virtualized environments. This is inefficient and insecure – virtual infrastructure needs virtualization-specific security architecture and solutions.
FIDELITYv is a simple framework for systematically looking at security in the virtualization space. It represents the main areas of traditional security infrastructure, each of which has virtualization-specific considerations: Firewalling, Intrusion Protection, Data Protection, End Point Protection, Logging and Analytics, IP and Transport, and Your Virtual Infrastructure.
Accuvant’s FIDELITYv framework is supported by the company’s Secure Virtualization services, which include:
Needs analysis and review – Accuvant discovers an organization’s business requirements and drivers, reviews existing policies, and carefully studies the current virtualized environment.
Design – Accuvant uses its actionable intelligence to help an organization create a plan toward adoption of virtualization/cloud that considers security and compliance with due diligence.
Architecture assessment and security gap analysis – Accuvant performs an assessment of an organization’s virtual infrastructure, as well as the technical and administrative controls in place, then provides targeted advice for improvements and activities designed to eliminate gaps and reduce risk.
Virtual security solution implementation – Accuvant applies its experience and research in virtualized environments to perform installation and integration of security products built for virtual infrastructures.