Any changes to the hardware, software, and/or firmware components of the operating system can potentially have significant effects on the overall security of the system. Accordingly, only qualified and authorized individuals must be allowed to obtain access to operating system components for purposes of initiating changes, including upgrades and modifications. In order to ensure a prompt response to unauthorized changes to application security functions or security mechanisms, organizations may define countermeasures and safeguards the operating system must undertake in the event these types of operating system changes occur. Permanent finding - While the vCenter/vSphere update manager can manage software, hardware/firmware components are beyond its capabilities. |