Archive - November 2000

Measuring Success with Security Metrics

Eric Vanderburg

Try to imagine a world without metrics. The temperature would only be “hot” instead of 95°, or a project would be “in progress” instead of 75% complete. Metrics provide an effective way to keep track of vital information. They are particularly useful for identifying trends and measuring the progress of activities. When used effectively, security metrics provide a uniform way to make decisions and to measure progress in information security.


Developing a Virtualization Security Policy

Eric Vanderburg

Since many organizations are rapidly virtualizing servers and even desktops, there needs to be direction and guidance from top management regarding information security. Organizations will need to develop a virtualization security policy that establishes the requirements for securely deploying, migrating, administering, and retiring virtual machines. In this way, a proper information security framework can be followed in implementing a secure environment for hosts, virtual machines, and virtual management tools. This article is part two of a series on virtualization. The previous article was titled “Critical security considerations for server virtualization.”


Business Continuity and Backups in the Virtual World

Eric Vanderburg

Virtualization has become a mainstream technology and an effective way for organizations to reduce costs. As mentioned in previous articles, it simplifies processes but also creates new information security risks to handle. This article is concerned with business continuity and how virtualization can create many new opportunities and efficiencies in your business continuity plan. This is the third article in a series on virtualization. The first article was titled “Critical security considerations for server virtualization,” and it was followed by “Developing a virtualization security policy.”
