RSA and VMware have released five best practices for locking down virtual environments and meeting compliance requirements. The steps comprise platform-hardening, configuration and change management, administrative access control, network security and segmentation, and audit logging.