Infrastructure & Virtualization Security
IVS domain controls.
Infrastructure and Virtualization Security Policy and Procedures
Establish, document, approve, communicate, apply, evaluate and maintain policies and procedures for infrastructure and virtualization security.
Capacity and Resource Planning
Plan and monitor the availability, quality, and adequate capacity of resources in order to deliver the required system performance as determined by the business.
Network Security
Monitor, encrypt and restrict communications between environments to only authenticated and authorized connections, as justified by the business.
OS Hardening and Base Controls
Harden host and guest OS, hypervisor or infrastructure control plane according to their respective best practices, and supported by technical controls.
Production and Non-Production Environments
Separate production and non-production environments.
Segmentation and Segregation
Design, develop, deploy and configure applications and infrastructures such that CSP and CSC user access and intra-tenant access is appropriately segmented and segregated.
Migration to Cloud Environments
Use secure and encrypted communication channels when migrating servers, services, applications, or data to cloud environments.
Network Architecture Documentation
Identify and document high-risk environments.
Network Defense
Define, implement and evaluate processes, procedures and defense-in-depth techniques for protection, detection, and timely response to network-based attacks.