Security and hardening concepts in vSphere

Security is a process with a full lifecycle. Depending on the model used, the first part of that process is usually product-agnostic; the rest depends on the specific products and their features and capabilities.

Following VMware's vision, the five pillars of cyber hygiene are as follows:

  • Least privilege: This is the common and most reasonable approach, and it applies to user accounts, service accounts, and services in general (for example, the ports they use).
  • Micro-segmentation: Using NSX, it's finally possible to bring network control to the VM level with granular security rules. With the new VMware AppDefense product as well, VM security can be enforced at both the network and application levels.
  • Encryption: Data must be protected at each level, and for the physical level, encryption is the only way to ensure good protection. We will discuss this later in the chapter.
  • Multi-factor authentication: Authentication is usually the weakest part, mostly due to passwords that are too simple (or passwords that are not changed periodically). We will discuss this later in the chapter.
  • Patching: Keeping your software components up to date is crucial for security, but it's also very important for implementing new features. We will discuss this more in Chapter 11, Lifecycle Management, Patching, and Upgrade.