SERVER VIRTUALIZATION

New Audit Resources from ISACA Help Professionals Keep Pace with 2022 Audit and Compliance Trends and Updates

ISACA | December 22, 2021

As the year winds down, many audit professionals are shifting their focus to 2022 priorities—including developing dynamic new strategies such as agile auditing, revisiting established technologies from a remote or hybrid working environment perspective, and closing any gaps between compliance expectations and current practices—and how they can enhance their skills to meet the needs of the evolving audit landscape. To meet these needs, ISACA has released three new audit resources—its VPN Security Audit Program, Destination: Agile Auditing white paper, and a new edition of its IT Control Objectives for Sarbanes-Oxley publication.

During the pandemic, the reliance on virtual private networks (VPNs) was heightened as many shifted to working from home—as did the need to manage its risks and implement safeguards. ISACA’s VPN Security Audit Program provides a foundation for auditors to provide assurance around the effectiveness of implemented VPN controls, including pre-audit planning, governance and oversight, implementation and configuration, operations, and maintenance and monitoring, to avoid some of the following risks:

  • The increase in number of end users combined with extended VPN use may put additional pressure on infrastructure and adversely affect performance.
  • Failure to detect unauthorized VPN activity may cause denial of service due to excessive traffic or connection attempts.
  • Lack of alignment of data classification requirements with VPN requirements and configuration may impair compliance initiatives that are reliant on data classification.

During the pandemic, organizations embraced methods to increase agility and efficiency, including by using Agile. Destination: Agile Auditing outlines how audit professionals can incorporate Agile principles into their audit methodologies. Auditors can learn the basics about Agile auditing, its benefits, how Agile complements established assurance standards, how developing competency in Agile can enhance the planning, fieldwork, and reporting phases of an audit. The white paper also includes examples of elements from the Agile tool set, including an Agile road map and Agile audit engagement workflows and illuminates key components like sprints, audit backlog and daily standups.

Internal and external auditors, IT auditors and managers, and financial and operational managers can also ensure they are keeping up with the latest guidance in complying with the Sarbanes-Oxley Act in a new edition of ISACA’s IT Control Objectives for Sarbanes-Oxley publication. This latest edition incorporates updated guidance and standards from the Public Company Accounting Oversight Board (PCAOB) and the American Institute of CPAs (AICPA) and its Auditing Standards Board, with updates including:

  • Integrating guidance for implementing internal control over financial reporting (ICFR) using COBIT® 2019, for IT and financial management within enterprises and for their internal and external auditors and consultants
  • Aligning with COBIT 2019 Focus Area: Information & Technology Risk
  • Providing the mapping of the role of COSO Internal Control – Integrated Framework, 2013 to COBIT 2019
  • Highlighting technological innovations and their impacts on auditing IT controls.

The audit landscape is constantly shifting as technologies and regulations evolve, making it essential that audit professionals prioritize continuous learning to ensure they are applying the most current and effective audit practices. ISACA is committed to equipping the global audit community with the tools they need to deliver the highest audit standards at their organizations.”

Robin Lyons, IT Audit Professional Practices Lead

About ISACA
For more than 50 years, ISACA has advanced the best talent, expertise and learning in technology. ISACA equips individuals with knowledge, credentials, education and community to progress their careers and transform their organizations, and enables enterprises to train and build quality teams. ISACA is a global professional association and learning organization that leverages the expertise of its more than 150,000 members who work in information security, governance, assurance, risk and privacy to drive innovation through technology. It has a presence in 188 countries, including more than 220 chapters worldwide. In 2020, ISACA launched One In Tech, a philanthropic foundation that supports IT education and career pathways for under-resourced, under-represented populations.

Spotlight

VMware helps retailers innovate faster, boost customer engagement, and drive business models for the future.


Other News
VIRTUAL DESKTOP TOOLS,SERVER VIRTUALIZATION,SERVER HYPERVISORS

Future Technologies Venture, LLC Achieves Cradlepoint 5G for Enterprise Branch Specialization

Future Technologies Venture | December 07, 2022

Future Technologies Venture, LLC a Lead Systems Integrator, today announced that it has achieved 5G for Enterprise Branch Specialization from Cradlepoint, the global leader in cloud-delivered LTE and 5G wireless network edge solutions. The 5G for Enterprise Branch Specialization identifies and recognizes partner organizations that are leaders in positioning and selling Cradlepoint’s 5G for business solutions by meeting a series of sales, technical, and business proficiency criteria. By receiving the specialization, Future Technologies will support Cradlepoint’s efforts of selling the industry’s most comprehensive portfolio of 5G solutions to meet the business imperatives of availability, interoperability, security, and manageability. Future Technologies is an industry leader in deploying Public and Private Cellular Networks. Future Technologies built their Private Cellular experience over the last 12 years through engagements with the DoD deploying 2G, 3G, 4G and now 5G NSA and 5G SA. Future Technologies has also deployed several Private Cellular Networks across various industries including Manufacturing, Chemical, and Education, among others. “Private 5G will enable business outcomes for our customers and will help them optimize their processes and allow for growth for years to come. We are excited to bring Cradlepoint’s 5G endpoints into the fold,” comments Ian Chan, President, Future Technologies. By combining its NetCloud platform with a clean-sheet-of-paper design for its new 5G modems and antenna systems, Cradlepoint is the first to deliver comprehensive 5G solutions for business. Specific capabilities include combining LTE, Gigabit-Class LTE, and 5G in a single wireless WAN; supporting all 5G spectrums, interoperating with existing customer SD-WAN and router infrastructures; and simplifying the entire network management lifecycle. “Cradlepoint is committed to leading the evolution of Wireless WAN and 5G and is both the first and best choice for customers in this space,” Our reseller, service provider, and technology partners play a crucial role in this mission. The addition of Future Technologies to our 5G for Enterprise Branch Specialization program is another important step in leading the path to 5G for business.” Eric Purcell, senior vice president of global partner sales at Cradlepoint. About Future Technologies Venture, LLC Future Technologies Venture, LLC is a Lead System Integrator (LSI) specializing in the assessment, planning, design, implementation, and support of innovative communications solutions for vertical markets – DoD, Utility, Oil & Gas, Manufacturing and Transportation. Future Technologies maintains a strong concentration on emerging standards such as 5G, 4G, Private LTE, WIFI, SCADA and Automation technologies.

Read More

VIRTUAL DESKTOP STRATEGIES

Radioip partners with nextnav for vertical location intelligence in vpn client

NextNav | November 17, 2022

RadioIP, a leader in secure mobile communications, has selected NextNav, the leader in vertical location positioning, to empower its industry-leading VPN solutions with mission-critical z-axis location intelligence. While mobile apps are used in many operations, many users need options that provide the ability to be tracked without being visible to others. With this partnership, first responders and security agencies can ensure personnel are safe and securely located, and that command can have the situational awareness required, without fear of their mission being compromised. Through the NextNav Pinnacle network, RadioIP will be positioned to bring a new level of efficiency and connectivity intelligence, providing end users with a secure and location-intelligent network node that allows precise tracking without the screen presence of a traditional mobile app. Whereas RadioIP's Armada™ VPN mobile app currently allows for x/y location, adding NextNav's Pinnacle z-axis service will allow for command to not only know the health of the connection but discreetly locate personnel in complex urban environments where vertical location is a must-have. When combined with RadioIP's Synopsis Metrics platform, agencies will have a complete view of all location services and network performance so that responders are secured and the connectivity they rely upon performs as required. "One of the most critical aspects of communication today is how the path is secured, As we have frequently seen from location spoofing and the risk it places on responders, it is critical that not only are communications secured but, when combined with NextNav's z-axis service, encrypted end-to-end. We designed Armada VPN to secure and measure connectivity of responder end points, and as we explored how to solve unique customer needs, we recognized that including z-axis is highly necessary in today's day and age." Roch Tremblay, COO at RadioIP "As the use of mobile apps increases in public safety, new and highly unique capabilities continue to emerge that will provide critical capabilities for public safety and security operations", said Dan Hight, VP of Business Development at NextNav. "RadioIP is a natural partner and, with NextNav's Pinnacle solution and service embedded in their ecosystem, agencies and end-users will benefit from having a "headless app" that protects those who serve with precision vertical location and secure connectivity. This partnership is one we see having tremendous benefit to not only agencies but our partner ecosystem as well." The Pinnacle network delivers precise vertical location in 4,400 cities and towns – capturing 90% of buildings greater than three stories – in the United States. NextNav Pinnacle powers applications across the public safety community to support stronger situational awareness for first responders. Earlier this year, a tier-one wireless carrier selected NextNav Pinnacle to bring z-axis capabilities to wireless 9-1-1 phone calls to enhance caller geolocation and emergency response outcomes. About RadioIP : A leader in mobile communications, Radio IP Software offers a portfolio of mobile VPN solutions to overcome the performance, security, connectivity and roaming challenges associated with wireless networks to achieve faster response times. Designed for today's wireless and mobile environments, our solutions enable mobile users to seamlessly roam across all network environments. Radio IP provides award-winning services for mission-critical and business-critical communication. We work with corporations, utilities, and government agencies in North America, Europe, South East Asia, and Australia. About NextNav: NextNav Inc. is a leader in next generation GPS, enabling a whole new ecosystem of applications and services that rely upon vertical location and resilient geolocation technology. The company's Pinnacle network delivers highly accurate vertical positioning to transform location services, reflecting the 3D world around us and supporting innovative, new capabilities. NextNav's TerraPoiNT network delivers accurate, reliable, and resilient 3D positioning, navigation and timing (PNT) services to support critical infrastructure and other GPS-reliant systems in the absence or failure of GPS.

Read More

SERVER HYPERVISORS,VIRTUAL SERVER MANAGEMENT,BACKUP AND DISASTER RECOVERY

Virtana Expands Kubernetes Strategy for Infrastructure Performance Management (IPM) and Monitoring within Container Environments

Virtana | December 15, 2022

Virtana, a leading provider of AI-driven solutions for hybrid cloud management and monitoring, today announced the expansion of its Kubernetes strategy across the full portfolio of Virtana Platform. This release brings Infrastructure Performance Management (IPM) and Monitoring support for container environments using Virtana Platform, following September's announcement of a Kubernetes rightsizing feature through Virtana Platform's cloud cost management solution. With the new IPM Kubernetes capabilities of Virtana Platform, users will have access to the same real-time, high-definition performance and dimensional information for containers that they enjoy today for legacy cloud infrastructure. This will expand access to Virtana Platform hybrid features to include rightsizing, monitoring, and capacity planning for Kubernetes-based workloads. Virtana's Multi-Cloud Insights Platform delivers benefits including rapid problem resolution (up to 80% decrease in mean-time-to-resolution), de-risk optimization initiatives (up to 50% staff productivity gains without impacting application performance), and cost reduction (up to 30% on cloud cost savings). "Today, Kubernetes customers are inundated with metrics and data points that are hard to understand or put into context. By using Virtana, our customers can now gain meaningful insights from Kubernetes and the key supporting infrastructure layers in relation to the application service. Providing full Kubernetes support across the entire Virtana Platform portfolio has always been our goal, from cloud cost management to IPM, which is key to enabling our customers' digital transformation journeys." Jon Cyr, Head of Product for Virtana Through a combination of agentless integrations with Prometheus and the Kubernetes API, customers can use Virtana to collect health, utilization, and performance metrics from their container environments—accelerating the achievement of their digital modernization goals. Virtana is empowering customers to use their choice of external management suites, like RedHat OpenShift, VMware Tanzu, and Rancher, so they can gain deeper insights with the tools they have already deployed. Through the Virtana Platform Cost Savings Opportunities dashboard, users can tailor their default rightsizing recommendations based on constraints for CPU and memory—to meet specific business requirements and risk tolerance. About Virtana Virtana provides a unified multi-cloud management platform to simplify the optimization, migration, and monitoring of application workloads across public, private, and hybrid cloud environments. The cloud-agnostic SaaS platform allows enterprises to efficiently plan their cloud migrations and then right size workloads across their hybrid cloud infrastructure for performance, capacity, and cost—most customers see 25% cloud cost savings or more within the first 10 days of use. Get a free 14-day trial of Virtana's optimization solution. Virtana was named Coolest Cloud Company by CRN, Top Cloud Leader Reducing Public Cloud Costs by Business Insider, Best Company Culture by Comparably, and a Customer First company by Gartner.

Read More

HYPER-V,SERVER ,CONTAINERS

Safety-Certifiable Multi-core Wind River Helix Virtualization Platform Available for Intel SoCs

Wind River | December 09, 2022

Wind River®, a global leader in delivering software for intelligent systems, announced today that Wind River Helix™ Virtualization Platform now supports the Intel Xeon D-1700 and D-2700 processors and 11th Gen Intel Core™ processors. Part of Wind River Studio, Helix Platform is a safety-certifiable multi-core, multi-tenant platform with support for multiple independent levels of criticality. It is designed for broad industry use cases, including but not limited to: Commercial and military avionics General operating system (OS) consolidation for reduction of space, weight, and/or power in industrial, medical, and automotive settings Mixed levels of criticality to run unsafe software alongside software certified to the highest level in avionics (DO-178C), automotive (ISO 26262), industrial (IEC 61508), and other similar standards Key Helix Platform features include: True Type 1 hypervisor (not hosted in a real-time OS or requiring a special service OS) 64-bit multi-core leveraging advanced Intel virtualization technologies Single and multi-core guests Mix-and-match 32- and 64-bit unmodified guests Support for ARINC 653 Application Executive (APEX) FACE™ 3.1 conformance Multiple device models, including emulated, passthrough, shared, or para-virtualized No limits on the number of concurrent guests (Linux, RTOS, bare metal) Proven fault isolation and containment Increasingly, with the growth of the intelligent edge, industries such as aerospace and defense, automotive, and industrial bring unique sets of requirements and challenges. With Helix Platform support for Intel Xeon D and 11th Gen Intel Core™, Wind River is expanding architecture support to address the demanding needs of highly compute-heavy mission-critical applications. Avijit Sinha, chief product officer, Wind River. “From ever-evolving regulations to technology obsolescence and application performance uncertainty, the safety and compliance of mission-critical, multi-core applications across industries is essential. Collaboration with Wind River helps to remove the complexities of maintaining necessary safety and security requirements, while also accelerating time-to-market. This furthers Intel’s commitment to enable end user innovation and achieve mission success,” said Tony Franklin, general manager, Network and Edge – Federal and Aerospace at Intel. Proven in the most challenging safety-critical applications, Wind River technology makes it easier and more cost-effective for organizations to meet the stringent safety certification requirements of EN 50128, IEC 61508, ISO 26262, DO-178C, and ED-12C. With technology proven by more than 400 customers in over 800 safety programs in more than 100 civilian and military aircraft, Wind River is driving the transition to software-defined systems in aerospace and defense. Helix Platform is part of Studio, a cloud-native platform for the development, deployment, operations, and servicing of mission-critical intelligent systems. Intel Xeon D processors deliver server-class computing, hardware-based security, and high bandwidth I/Os for embedded and rugged applications at the edge, supporting hard real-time workloads and extreme temperature range, making them well suited for demanding applications in industries such as aerospace and defense and industrial. Engineered for IoT markets, 11th Gen Intel Core processors deliver a balance of performance and responsiveness in a low-power platform, supporting low latency and time-sensitive applications with the power to run multiple workloads, including AI and deep learning applications, on a single platform. About Wind River Wind River is a global leader in delivering software for intelligent systems. The company’s technology has been powering the safest, most secure devices in the world since 1981 and is found in billions of products. Wind River offers a comprehensive portfolio, supported by world-class global professional services and support and a broad partner ecosystem. Wind River software and expertise are accelerating digital transformation of mission-critical intelligent systems that will increasingly demand greater compute and AI capabilities while delivering the highest levels of security, safety, and reliability.

Read More