VMware follows industry best practices for the operation of VMware Cloud services. These include security monitoring, planning for security incident reporting and response, and maintaining infrastructure integrity.
Security, Logging, Monitoring, and Intrusion Detection System audit logs are important and therefore, they are protected and retained. These logs adhere to the applicable legal and regulatory compliance obligations. If there is a security breach, the system audit logs ensure a unique user access accountability to detect potentially suspicious network behaviors, file integrity anomalies, and support forensic investigation .
Security Incident Management The VMware Incident Response program plans and procedures are developed in accordance with the ISO 27001 standard. For security and incident management, VMware maintains contacts with industry bodies, risk and compliance organizations, local authorities, and regulatory bodies as required by the ISO 27001 standard. The list of contacts is regularly updated to ensure a direct compliance liaison and be prepared for a forensic investigation that requires a law enforcement.
Incident Reporting The logging and monitoring framework for VMware Cloud services enables VMware to identify the incidents of specific customers. The VMware Security Operations Center uses a SIEM system and merges data sources for a detailed analysis and alerting.
Integrity VMware checks the integrity of managed virtual machine images and software binaries before use. VMware logs and monitors all infrastructure actions and raises alerts based on predefined rules. As a customer, implementation of integrity checking on your virtual machine images is your responsibility.