NIST publishes draft cloud computing and virtualization security guidance

The US National Institute of Standards and Technology (NIST) has issued draft recommendations for securely configuring and using full virtualization technologies.

The proposed security recommendations are contained in the draft document, NIST Special Publication 800-125, Guide to Security for Full Virtualization Technologies. NIST is requesting public review of the new draft computer security publication and soliciting comments until August 13.

In the draft, NIST recommends for organizations to:

* Secure all elements of a full virtualization solution and maintain their security;

* Restrict and protect administrator access to the virtualization solution;

* Ensure that the hypervisor, the central program that runs the virtual environment, is properly secured; and

* Carefully plan the security for a full virtualization solution before installing, configuring and deploying it.

The draft of NIST Special Publication 800-125, Guide to Security for Full Virtualization Technologies may be obtained from http://csrc.nist.gov/publications/PubsDrafts.html

Submit comments to 800-125comments@nist.gov with "Comments SP 800-125" in the subject line.

•Date: 22nd July 2010 • Region: US •Type: Article •Topic: ISM news
Rate this article or make a comment - click here