Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Audits

HyTrust Models New Feature After Nuclear Weapon Launch Controls

HyTrust 3.0 Integrates ‘Secondary Approval’ Feature To Safeguard Against Operational Downtime and Internal Security Breaches.

At the RSA Europe Conference in London this week, HyTrust, a provider of policy management and access control solutions for virtual environments, released version 3.0 of its HyTrust Appliance.

HyTrust 3.0 Integrates ‘Secondary Approval’ Feature To Safeguard Against Operational Downtime and Internal Security Breaches.

At the RSA Europe Conference in London this week, HyTrust, a provider of policy management and access control solutions for virtual environments, released version 3.0 of its HyTrust Appliance.

The latest version, which despite its name is not a physical piece of hardware, but rather a virtual appliance, includes several improvements, but the most notable is a new “secondary approval” feature that enforces the two-person rule, made famous by the US Air Force’s general rule focusing on nuclear missile launches.

Nuclear Launch Controls“According to US Air Force Instruction (AFI) 91-104, the two-person rule was designed to prevent the accidental or malicious launch of nuclear weapons by a single individual,” explained Eric Chiu, founder and president of HyTrust in a statement.

“Similarly, HyTrust’s new Secondary Approval feature mandates designated approvers authorize high-impact operations prior to users with administration privileges being able to execute actions that can impact the business or even bring down the entire data center,” he added.

So-called “privileged users” of an organization’s virtualization platform typically have much greater administrative power than counterparts who manage physical data center infrastructure. They can copy, power off or delete a business-critical VM with a few clicks from any location in the world, or any device.

VMware and other virtualization platforms do not provide adequate control, the company says, including viable methods of requiring additional checks for actions that can result in negative consequences. Thus, secondary approval is designed to prevent malicious actions or unintended ones to virtual machines (VMs), critical applications and data, from causing damage to business operations.

“Both organizations that have implemented virtualization extensively across their infrastructure and those embarking on an initial virtualization project face the critical problem of ensuring that administrators and other privileged users with access to the hypervisor are appropriately constrained and monitored on an ongoing basis,” noted Steve Coplan, Senior Analyst  at 451 Research. “Equally, however, these constraints should not stand in the way of operational efficiency and should be enforced in conjunction with a set of best practices for the configuration and management of virtualized environments.”

HyTrust Appliance 3.0 is generally available now. 

Advertisement. Scroll to continue reading.

HyTrust Appliance Enterprise Edition is licensed at $750 per CPU for each ESX or EXSi host. It’s also offered as a free, full-featured community version. 

Written By

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

Expert Insights

Related Content

Application Security

Fortinet on Monday issued an emergency patch to cover a severe vulnerability in its FortiOS SSL-VPN product, warning that hackers have already exploited the...

Application Security

Microsoft on Tuesday pushed a major Windows update to address a security feature bypass already exploited in global ransomware attacks.The operating system update, released...

Audits

Out of the 335 public recommendations on a comprehensive cybersecurity strategy made since 2010, 190 were not implemented by federal agencies as of December...

Application Security

Cisco's enterprise-facing Webex video conferencing and messaging utility monitors the microphone at all times, even when the user's microphone is muted in the software,...

Application Security

Electric car maker Tesla is using the annual Pwn2Own hacker contest to incentivize security researchers to showcase complex exploit chains that can lead to...

Audits

The PCI Security Standards Council (SSC), the organization that oversees the Payment Card Industry Data Security Standard (PCI DSS), this week announced the release...

Application Security

Security researchers at Google’s Project Zero have picked apart one of the most notorious in-the-wild iPhone exploits and found a never-before-seen hacking roadmap that...

Application Security

Microsoft’s security patching machine hummed into overdrive Tuesday with the release of fixes for at least 97 documented software vulnerabilities, including a zero-day that’s...