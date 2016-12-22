By Melba Lopez

I had the pleasure of joining my first ever internal security conference called MooseCon (Making Our Organization Security Experts Conference). There were a variety of topics discussed, but one particular talk by Noah Wasmer, Senior Vice President of Mobile Products, stayed with me the most. Noah discussed recent cyber attacks in the news, and he asked, “If you were on the front page of the Wall Street Journal because of a security breach, what would that do to your business?”

For any company, it would have a negative financial impact and shatter the trust of customers. As a Technical Account Manager (TAM) I often advise my customers to be more security-conscious and would like to share some information and resources about VMware security tools.

What is VMware’s Stance on Security?

During the RSA 2016 keynote session, VMware CEO Pat Gelsinger stated, “…security is a core mission … if we do our job right, we will be the most important company in security.”

With this vision, VMware continues to grow its security focus internally, and a number of groups are focusing on making our products more secure:

For more information, please see the VMware Product Security Technical White Paper, which provides an overview of VMware’s Security Programs and Practices.

How Can I Get Started with Securing My Environment?

There are a number of products you can purchase to help secure your environment. However, companies sometimes forget the fundamentals, which can ultimately be the crack in your foundation. Below are some free tools you can leverage to secure your environment:

Review VMware Security Hardening Guides and see how you can help mitigate against the frisk of an attack. These guides are provided in an easy to consume spreadsheet format, to allow for guideline classification and risk assessment.

You can also leverage Security Technical Information Guides (STIGs). These guides are used for DOD IA and IA-enabled devices, but you can use them to further secure your company’s environment: vSphere STIGs NSX STIGs



Review security guidance provided by VMware Compliance and Cyber Risk Solutions which provides an architecture framework for regulated environments such as HIPAA and PCI DSS.

Keep updated on all the latest security advisories by subscribing to the VMware Security Advisory. Make sure you apply recommendations for the most critical vulnerabilities as soon as possible.

Social Media: Follow the VMware Security & Compliance Blog, @VMwareSRC, or @vSphereSecurity on Twitter to keep updated on the latest VMware security announcements.

Need Help?

Reach out to your TAM and they can help your organization review these items to make sure you are on the path to better security practices with VMware. Don’t have a TAM? You can reach out to us anytime to inquire about our TAM Services. For more information please refer to our TAM Services page: http://www.vmware.com/professional-services/technical-account-manager.html