PO3740

Achieving Regulatory Compliance in Virtualized Environments

Regulatory compliance is an important topic that is driving many important IT initiatives across the enterprise, including security. Many of the standards and focus so far has been on achieving compliance on physical systems, without taking a deeper look into how these standards are adapted for a virtual environment. This panel will bring representative experts from across the regulatory compliance landscape, including customers, auditors, technology providers, and virtualization platform providers to discuss the real-world issues involved in achieving compliance in a virtualized environment and present practical tips and feedback to the audience on how to approach achieving these goals.

Technical Overview Session

Networking; Storage / Backup; VMware Infrastructure; Virtualization Platform / Hypervisor

1 Hour

Jonathan Alexander( vmSight ), Chris Richter( SAVVIS ), Dennis Moreau( Configuresoft ), Charu Chaubal( VMware, Inc. ), Dwayne Melancon( Tripwire, Inc. )

Charu Chaubal is a Senior Architect in Technical Marketing at VMware, Inc., where he is chartered with enabling customer adoption and driving key partnerships for datacenter virtualization. His areas of expertise include virtualization security and virtual infrastructure management. Charu received a Bachelor of Science in Engineering from the University of Pennsylvania, and a Ph.D. from the University of California at Santa Barbara, where he studied the numerical modeling of complex fluids. Previously, he worked at Sun Microsystems, where he had over 7 years experience with designing and developing distributed resource management and grid infrastructure software solutions. He is the author of several patents in the fields of datacenter automation and numerical price optimization.

Dwayne Melancon, CISA, is Vice President of Corporate and Business Development for Tripwire, Inc. Mr. Melancon has worked with the IT Process Institute on its research of best practices as well as with numerous corporations around the world on IT service management improvement. Previously, Mr. Melancon was VP of Professional Services and Customer Support and VP of Marketing for Tripwire, and VP of Operations for DirectWeb. He is a Certified Information Systems Auditor (CISA,) ITIL Foundation Certified and a member of the Information Systems Audit and Control Association (ISACA), the Institute of Internal Auditors (IIA), and the IT Service Management Forum (ITSMF).

Jonathan Alexander is the president and co-founder of vmSight, the leader in managing virtual desktops for performance, reliability and regulatory compliance. vmSight's patented Connector ID technology provides significant advantages in auditing and controlling user activity for stronger PCI, HIPAA, GLBA and FISMA compliance using virtual desktops. With over 20 years of successful product design and technology leadership, Jonathan Alexander is a frequent speaker on the management and security benefits of virtual desktops, appearing at virtualization industry events and conferences, and contributing to industry blogs. Prior to vmSight, Jonathan held key product leadership roles at business analytics innovator Epiphany and web development tools pioneer Radnet.

As a Founder and the Chief Technology Officer for Configuresoft, Dennis Moreau is a specialist in the application of leading edge technologies to the solution of complex problems in the Information Technology management domain. His primary focus is in developing enterprise scale solutions to improve IT efficiency and effectiveness for systems management, security compliance and configuration optimization. He is active with NIST and MITRE on the development of security configuration policy compliance standards, and is on the MITRE OVAL Board of Directors. He holds a Ph.D. in Computer Science.

Chris Richter, is Vice President and General Manager of Security Products and Services at SAVVIS, a leading network, hosting and security services provider, where he is responsible for the managed-security line of business, strategy and product portfolio. He leads the effort behind implementing standardized control-frameworks, and risk management processes, across SAVVIS'; dedicated and cloud-based services, and its IT Utility, the company's virtualized hosting services platform; products that are currently in use by thousands of enterprises worldwide. Mr. Richter has assisted many enterprises adapt their premise-based infrastructure risk management programs and security controls to SAVVIS; outsourced virtualized and shared-infrastructure services. He brings an IT service provider's view of control requirements for virtualized infrastructures. He is a member of ISSA and ISACA, and for more than 20 years has held various security and IT services management and consulting positions at companies such as Digital Equipment Corporation, Compaq Global Services, 3Com, Cable & Wireless, and Sterling Software. He holds Certified Information Systems Security Professional (CISSP), and Certified Information Security Manager (CISM) certifications, and has served as a technical advisor and board member of several Silicon Valley-based IT product and services companies.