Check: ESX1070
VMware ESX 3 Policy:
ESX1070
(in version v1 r2)
Title
Virtual machines are removed from the site without approval documentation. (Cat II impact)
Discussion
From a theft perspective, virtual machines are easy to copy and move to a person’s USB drive, portable hard drive, etc. An insider could potentially move the organization’s entire data center on any type of removable media that had sufficient space.
Check Content
Request the approval documentation from the IAO/SA that the site uses for all virtual machines taken off site. If no documentation exists, this is a finding.
Fix Text
Create documentation to use for virtual machines taken off site.
Additional Identifiers
Rule ID: SV-16845r1_rule
Vulnerability ID: V-15903
Group Title: Virtual machines are removed without documentation
Expert Comments
Expert comments are only available to logged-in users.
CCIs
CCIs tied to check.
| Number | Definition |
|---|---|
| No CCIs are assigned to this check |
Controls
Controls tied to check. These are derived from the CCIs shown above.
| Number | Title |
|---|---|
| No controls are assigned to this check |