With its release of VMware Validated Design, VMware has created a methodology to design in security controls based on compliance requirements. While some of those controls might require additional configuration during deployment, for the first time ever, the UCF mapped requirements are included in the current implementation by design.
Security supported by the VMware Validated Design reduces the risk of data theft, cyber-attack, or unauthorized access. While compliance is the proof that a security control is in place, typically within a defined timeline, security and compliance work with a broader set of considerations including people, processes, and technology.
A compliance mapping using the Unified Compliance Framework’s infrastructure provides a centralized view to list out many of the required security controls. Those controls are further detailed by including each security control’s respective compliance citations as dictated by a domain such as NIST, PCI, FedRAMP, HIPAA, and so forth.
For more information about VMWare’s Validated Design, see their VMWare Docs HERE.