800-810-1885
Home > Blog > Virtualization Security

Category Archives: Virtualization Security

Sword & Shield Expert to Speak at VMware Users Group on Tuesday, July 17

By Lara Bergman | Published: July 12, 2012

Virtualization technology introduces new risks that must be taken into consideration and assessed when moving cardholder data to virtual environments, but because virtual technologies can vary greatly, no one-size-fits all guide to Payment Card Industry (PCI) compliance exists.

Sword & Shield Director of Risk and Compliance Jason Riddle will be on hand Tuesday, July 17 at the VMware Users Group (VMUG) in the Nashville area to give an overview of virtualization and PCI. The meeting will be from 11 a.m. to 2 p.m. at the Comdata building in Brentwood.

Recent revisions to the PCI Data Security Standard (DSS) – known as PCI DSS 2.0  - have provided some degree of clarification on how the requirements apply to virtualized technologies. Additionally, the PCI Security Standards Council has released an information supplement which provides guidelines for implementing virtualization in a PCI compliant environment. The presentation will cover both the PCI requirements and real-world use cases with VMWare Admins, Security Admins, and PCI Auditors on hand to field questions.

After his overview, Riddle will also participate in an question and answer session for attendees. Sword & Shield and Comdata are sponsoring the event.

Registration is open to all members.  Visit the Event Details Page for the full agenda and for questions, please contact memberservices@vmug.com.

Also posted in Company News, PCI | Tagged , | Leave a comment


How Virtualization Affects GRC

By Lara Bergman | Published: March 25, 2010

Dave Shackleford, Sword & Shield’s Director of Risk & Compliance, has a new article at The Security Catalyst discussing  virtualization implementation and its effects on compliance.

Virtualization technology is becoming ubiquitous. More and more organizations are replacing physical infrastructure with virtualized systems, including desktops and servers, and application and storage virtualization are popular as well. Virtualization changes a number of paradigms across the information technology landscape – some obviously for the good, some possibly for the worse. In the realm of GRC, virtualization has some distinct points to consider, many of which may require changes in operations and policy, as well as overall information security management.

Virtualization can help organizations reduce operating costs, and many feel that it’s a key component to “Green IT” strategies aimed at reducing energy consumption. However, despite popular belief, it actually makes the IT environment more rather than less complex, and a number of new processes and approaches are needed to ensure that security and risk management keep pace with its adoption.

Also posted in Compliance, Publications | Leave a comment


Making VMWare More Secure

By Courtney Culver | Published: February 26, 2010

SANS InstituteDave Shackleford has a new post at the SANS Blog – IT Audit: 6 VMWare Settings Every IT Auditor Should Know About. Dave teaches the Virtualization Security Fundamentals course at the SANS Institute.

Also posted in Publications | Tagged | Leave a comment