Greetings securanerds and compliance aficionados!
The RSA Conference has made a HUGE come back this year in Tim Tebow\ Jeremy Lin-Sanity "like" fashion and secured it's rightful place as the largest & best security conference on the planet.
Art Coviello got things started with some HEAT as he preached the "Hack Back" message. The Buzz at RSA was intense and fresh as new privacy initiatives and cloud computing are driving life back into the security space along with compliance. The sessions and expo floor were simply PACKED! It was great to see the usual security Titans displaying their knowledge & goods along with up and comers like HyTrust who had their brand on the back of every badge.
For VMware Center for Policy & Compliance (CP&C) , it was immediate action from day uno as we were busier than a one-toothed man in a corn-on-the-cob eating contest! (No offense to my single fanged friends, it is just the truth 🙂
We started off with announcing our upcoming release of vCenter Configuration Manager (vCM) 5.5 part of the vCenter Operations Manager Suite (vCOPS), the best vSphere, Cloud Infrastructure Suite & Config\ Compliance Management Tool in the industry. You will hear more about vCM 5.5 when it goes GA on March 15th but I must give you a sneak peak, 5.5 may be sweeter than Crispy Bacon!
vCM 5.5 Example report showcasing vCenter and vCD Permissions:
Providing a single view of permission levels across vCenters and vCDs that can be filtered by User, Group, Object, etc.
NOBODY else in the systems management space today can do this except for vCOPS & vCM!
Next was an interview at the RSA booth on EMC Live TV going over our combined integration with VMware, EMC & RSA into Archer (eGRC) solution to deliver "Compliance Across the Stack" bringing together technical controls with policy enforcement. The demo showcases Server, Network and Storage Compliance results in Archer! This is a LARGE step in our Trusted Cloud initiative "Meeting Customers Compliance Requirements to Migrate Tier 1 Apps to vSphere and Cloud Environments".
Here is the Video:
And our blog on the announcement with screen shots from the integrated Archer Demo:
We kept the vibe alive as our honorary CP&C member Davi Ottenheimer "The Flying Penguin http://www.flyingpenguin.com/" threw some deep knowledge at folks during his Sessions:
CLD-108 Lightning Round: Data Confidentiality and Integrity in the Cloud
DAS-302: Message in a Bottle – Finding Hope in a Sea of Security Breach Data
I hope you got a chance to see him in action, if not you can catch Davi live in Vegas singing Sinatra at the Venetian Showroom. (Seriously http://davisingssinatra.com/)
Finally we started wrapping things up with the VMware communities podcast #177 covering the conference with my RSA pal Mike Foley:
Switching gears a bit, we also saw blatant displays where policy & technology could not prevent human action from putting the environment at risk. There were several people who made their way into sessions by telling the door staff "We are with the Speaker". In all cases, the hoodlums were welcomed without any identified credentials, verification from the speaker or proof of having a delegate badge. It just goes to show you that visibility, training and accountability are key ingredients to a securing an infrastructure in a compliant fashion. (Next year just buy a full conference badge people!)
Last but not least and to get your weekend started with a laugh, check out the following HILARIOUS video on VMware security and compliance solutions for the Cloud:
Feel free to hit us up with questions & comments at:
Have a great weekend, snow is falling all over the west so hit the slopes if you can!
Please excuse any typos or grammar mistakes, after all I am ESL and will lean on that as long as possible.
George Gerchow – VMware Director, Center for Policy & Compliance