Introduction to SecurityInformation security is, at its core, defined by three main concepts: confidentiality, integrity, and availability. Organizations often think about “security” primarily in terms of confidentiality, but omitting the other concepts leaves out many essential design ideas that help supply resilience to systems, during incidents ranging from a security breach to a natural disaster. The concepts also interrelate. For example, designing for availability often means that resolving vulnerabilities is easier, helping to restore confidentiality and integrity to systems. Thinking about security in the cloud means thinking about, and designing for, all three data security concepts. Compliance Design ConsiderationsSecurity always depends on context, and in most cases, the context is influenced by how an organization intends to use its cloud presence. Administrative AccessProtecting the management interfaces of infrastructure is critical, as virtual and cloud administrators have enormous power over workloads and data. Endpoint SecurityVMware Cloud provides numerous ways in which workloads can be made resilient to security and other types of incidents. ConclusionSecurity is a broad topic that impacts all parts of an organization, and is often best treated as a process that everyone participates in. Security is a source of tension in an organization, between the need to move forward with new work and techniques, and the need to pass compliance audits which verify the security controls in place.
