Download Publication
.png)
CCM Video Series: IVS - Infrastructure & Virtualization Security
Release Date: 11/02/2024
In this presentation we delve into the Infrastructure and Virtualization Security (IVS) domain, which comprises nine control specifications designed to guide both Cloud Service Providers (CSPs) and Cloud Service Customers (CSCs) in securing infrastructure and virtualization technologies. This domain covers the protection of hardware, software, networks, and facilities essential for delivering IT services, as well as the virtualization technologies that abstract hardware resources into virtual environments.
Under the Shared Security Responsibility Model (SSRM), both CSPs and CSCs are typically responsible for implementing IVS controls. CSPs are generally tasked with securing the underlying infrastructure, including platform technologies (like hypervisors and virtual machines), network virtualization, and providing capabilities for resource planning. CSCs are responsible for securing their allocated resources within the virtualized environment, such as hardening guest operating systems, applying security patches, and managing access to platforms and control interfaces.
Under the Shared Security Responsibility Model (SSRM), both CSPs and CSCs are typically responsible for implementing IVS controls. CSPs are generally tasked with securing the underlying infrastructure, including platform technologies (like hypervisors and virtual machines), network virtualization, and providing capabilities for resource planning. CSCs are responsible for securing their allocated resources within the virtualized environment, such as hardening guest operating systems, applying security patches, and managing access to platforms and control interfaces.
Download this Resource
Are you a research volunteer? Request to have your profile displayed on the website here.
Related Certificates & Training

Learn the core concepts, best practices and recommendation for securing an organization on the cloud regardless of the provider or platform. Covering all 14 domains from the CSA Security Guidance v4, recommendations from ENISA, and the Cloud Controls Matrix, you will come away understanding how to leverage information from CSA's vendor-neutral research to keep data secure on the cloud.
Learn more
Learn more