From Virtualization to the Cloud and Beyond
Many companies have started virtualization quite a while ago. Nevertheless, they still frequently are in the first wave of virtualization, focusing on Windows servers and their virtualization. The second wave with virtualizing business-critical applications is still at the beginning in many data centers. These systems often have a continuously high workload, so the benefit of reducing the number of servers is somewhat limited. And they are business-critical, so touching them is something organizations don’t tend to do that quickly. However, things are moving forward and for business-critical apps, the (private) clouds offer interesting benefits. So virtualizing them is just logical. But what follows then? Is it sufficient to virtualize and cloud-enable the infrastructure? Or what is next? We put this in the context of the KuppingerCole IT model and look not only at the waves you have to ride (or avoid to ride), but also at the new horizons behind the waves. The real business benefits.
Security for Virtualized Environments, Privileged Users and PCI Compliance
The Payment Card Industry Data Security Standard (PCI DSS) is one of the most detailed compliance requirements published to date. A new version was released in October of 2010 along with supplemental guidance for virtual environments. In this session leading access control and endpoint security vendors will provide their insight on emerging compliance solutions and strategies for virtualization and PCI compliance. The session will also address PCI DSS requirements with an emphasis on their applicability to virtualized infrastructure, the overall desire to reduce scope versus the cost of implementing and maintaining the necessary controls and the new challenges from privilege user management perspectives.