Keeping your corporate data secure is critical to any business. Personal information such as social security numbers, healthcare records, and credit cards are big business for thieves who sell this information on the black market. Healthcare, banking, and retail industries are high-value targets, but the truth is that any business is at risk. Just think about all the information that your HR department has in their files. Social Security numbers, insurance information, 401k, and payroll make HR data a virtual gold mine. That’s why maintaining good security hygiene is the most important role of any IT or security team and why compliance standards have been established.
vRealize Operations 7.5 can help make your compliance headaches a lot less painful by aiding in the initial configuration of your environment as well as managing configuration drift. There are six compliance packs available for vROps in the solution exchange plus the vSphere security configuration guide which has been updated to support the 6.7 U1 guide.
If you’re running vRealize Operations Advanced or Enterprise, then you can easily install compliance packs for HIPAA, ISO, DISA, CIS, PCI, and FISMA. These compliance packs will compare your vSphere environment against the applicable hardening guides and generate alerts when configurations are not in compliance.
Most of the compliance packs for vRealize Operations cover configurations for multiple vSphere objects. For example, ESXi Hosts, vCenter, Virtual Machines, Distributed Virtual Switches, and Distributed Port Groups. You can see a breakdown of each of these object types and display how many are non-compliant vs the total number of objects. vRealize Operations also provides a compliance score at the top of the page which shows the percentage of objects that are compliant with the corresponding template.
vRealize Operations 7.5 Introduces Custom Compliance Templates
However, as some customers have pointed out, there are circumstances where you may want to exclude certain object types from being displayed. For example, if you have a deployment team that is responsible for the builds and configuration of virtual machines, there’s no need to call out how many ESXi hosts are non-compliant or include these in their compliance score. Perhaps you are a healthcare provider who also accepts credit card payments. Instead of using two separate compliance packs such as HIPAA and PCI, wouldn’t it be great to combine both? Or maybe your company has its own guidelines to ensure consistency and you want to create your own compliance template based on these.
We heard your feedback loud and clear and I’m happy to introduce Custom Compliance Templates in vRealize Operations 7.5! Custom Compliance Templates allow you to pick and choose the compliance definitions that matter to your organization.
vRealize Operations allows up to six custom compliance templates to be added to the Compliance page. Simply select “Create” from the actions dropdown menu. From here, you can select which compliance alerts you want to associate with this compliance template.
This allows for granular control of existing compliance packs, combining multiple compliance packs, or even including your own custom compliance alerts. If you do create your own compliance alert, just set the alert subtype for your alert definition to compliance and it will be immediately selectable in your custom compliance template.
Conclusion
The result is a fine-tuned summary allowing you to focus on the compliance aspects that are important to your organization. Download vRealize Operations 7.5 today to take advantage of Custom Compliance Templates as well as all the amazing new features packed into this release. And be sure to check out the VMware Cloud Management blog regularly for more information on other great features!
