VMware, Inc. (NYSE: VMW) today announced a range of services within its multi-cloud management service, VMware Aria, have been independently assessed by an Information Security Registered Assessors Program (IRAP) assessor against the Information Security Manual (ISM) PROTECTED controls.
The Information Security Registered Assessor Program (RAP) is a security compliance framework comprised of security assessment processes and a security assessor program.
VMware Aria provides a unified management solution for managing the cost, performance, configuration, and delivery of infrastructure and cloud native applications.
The assessment of VMware Aria at PROTECTED level helps provide assurance to government customers that the service has the appropriate security controls in place for the processing, storage and transmission of information classified up to, and including, the level of PROTECTED.
The VMware Aria cloud services assessed include:
- VMware Aria Automation
- VMware Aria Automation Assembler
- VMware Aria Automation Pipelines
- VMware Aria Automation Consumption
- VMware Aria Hub Subscription
- VMware Aria Operations for Logs
- VMware Aria Hub and VMware Aria Graph
- VMware Aria Automation Config
- VMware Aria Automation for Secure Hosts
- VMware Aria Operations
- VMware Aria Operations for Networks
The IRAP assessment marks a significant step in VMware’s continued commitment to providing Australian government customers with solutions to accelerate their innovation.
In 2020 Brad Anderson, former IBM vice president of cloud and cognitive software in Australia and New Zealand, was annouced Vmware’s Vice President and Managing Director Australia and New Zealand (ANZ)
“As the digital strategies of government organisations continually evolve, we’re committed to providing the flexibility to choose the best solution to meet those needs,” said Anderson
“With VMware Aria services gaining IRAP PROTECTED status, our government customers gain access to a customised cloud-management experience to help simplify management of their multi-cloud environment.” he said.
With the assurance that VMware Aria has the required security controls in place, it unlocks the potential for further transformation within government by enabling customers to improve delivery speed, control cloud spend, optimise performance and reduce risk.
IRAP was developed by the Australia Signals Directorate (ASD) and the Australian Cyber Security Centre (ACSC) within the Australian government and supports Australian commonwealth government entities in maintaining their security assurance and risk management
In 2021 VMware Cloud on AWS successfully completed the IRAP cloud security assessment after assessors evaluated VMware Cloud on AWS controls across several technical areas including ;
- Cyber security roles and responsibilities,
- Incident management
- Systems hardening
- Systems monitoring
- Cryptography
- Networking
- Software development
- Personnel security
The IRAP Cloud Security Assessment is a significant milestone for VMware in the Australian region and enhances Vware’s capability to support Australian government customers
