When you keep important business data in your EC2 servers, you need a backup and disaster recovery (DR) solution like you would for any server. For operational backup, the most efficient and effective approach in EC2 is to use EBS snapshots. These are the parallel of hardware snapshots in a traditional data center.In this post we will discuss the challenges you encounter when you use EBS snapshots.
The cloud definitely marks a new era. Not only can we manage our resources in a flexible way and with no capital investment, but we can also enjoy the state-of-the-art infrastructure of large cloud providers, like AWS cloud. Specifically, when we use EC2 to compute endless resources, we know that in terms of the durability of our virtual servers, power supply, and storage, we can trust AWS to have the best of the best.
In case of a disaster we would like to make sure that our applications are still up and running, while taking advantage of our failover hosting/cloud provider. The Disaster Recovery (DR) architecture is driven by the criticality of applications and data. The decision regarding what to back up and deploy eventually translates into ongoing costs that can be extremely significant. Every IT organization has its own high level policy guidelines. These policies are eventually translated into the policy deployed for each of the different applications the enterprise runs. The CIO and its team need to make sure they define both the high level policies and the actual budget that can be spent for DR matters.
I believe that this is the year when the enterprise will find its way to the cloud.
The mega Internet sites and applications are the new era enterprises. These will become the role models for the traditional enterprise. IT needs remain the same with regards to scale, security, SLA, etc. However, the traditional enterprise CIO has already set the goal for next year: 100% efficiency.
The traditional CIO understands that in order to achieve that goal, IT will need to start and do cloud, make sure that IT resources are utilized right, and that his teams move fast.
In this part we will dig a bit deeper and detail the standards and regulations that some of the most common infrastructure (IaaS) Cloud Service Providers (CSPs) comply with and are certified for. CSPs are not always obliged to follow all regulations, but normally they have procedures to make their consumer cloud compliant. We also look at four of the IaaS giants and how they handle making you become cloud ready. To highlight some basic differentiators between EU and US CSPs, a well-known European CSP is included too.
Over the last year I had endless conversations with companies that strive to adopt the cloud – specifically the Amazon cloud. Of those I met, I can say that ClickSoftware is one of the leading traditional ISVs that managed to adopt the cloud.The Amazon cloud is with no doubt the most advanced cloud computing facility, leading the market.
In this article I will introduce our in-house best practice for an ultra-secure application deployment on the AWS cloud. This best practice is based on Emind System’s experience in performing dozens of infrastructure projects based on the Amazon Web Services’ platform.
In the first part of the Cloud Compliance series, I talked about the basics; what compliance is. Short recap: Compliance is when you have certain laws, procedures and regulations to follow and how they comply with companies’ (customers’), countries’ and branch laws, procedures and regulations – do they fit together?
In this part I present a more practical approach. Thanks to the great help from the cloud-based, SaaS pioneer - LivePerson, you can find in this article top 10 tips that can help you start right.
As the borderline between a web site and an application blurs, so does the division between the enterprise IT and the internet. More and more enterprises adapt core applications which are provided as a service over the Internet. Until recently those where limited to vertical applications such as salesforce.com for sales automation and monster.com for recruiting, both of which have already suffered major security issues that compromises customer data.
Google software push has led to enterprise adaption of general purpose cloud services including office tools, mail and knowledge management, which presents an entirely new risk level. In this presentation we will discuss the security risks of SaaS (Software as a service) and review past incidents on such services. We will than dissect the security implications of using Google Apps as an example for a SaaS and create a checklist of things to examine in a SaaS offering before subscribing to ensure that it provides sufficient security. Lastly we will discuss the solutions offered by Google as well as 3rd party solutions.
Newvem partnered with IGT to generate a series of events under the theme “The Cloud Management Forum”. Those slides were presented on the session: Cloud Security Management meetup. This presentation brought you by Ofer Shezaf Information Security Visionary and Evangelist, HP Software.
Keywords: Cloud Security, Enterprise IT, Google Apps, HP, Cloud Security Risks, SaaS, Cloud Adoption, Cloud Security Management, Compliance, PCI, SOX, SAS 70, ISO, Permissions, Authentication, Authorization
What’s your first priority cloud security concern ?
From an attacker’s perspective, cloud providers aggregate access to many victims’ data into a single point of entry. As the cloud environments become more and more popular, they will increasingly become the focus of attacks. Some organizations think that liability can be outsourced, but no, it cannot! This presentation will answer questions such as what are the key security challenges for new cloud comers. What are the options and how you can start with a safe cloud deployment?
Keywords: Amazon AWS Cloud services, Security group, Shared AMI, Amazon Machine Image, Cloud IP ports, Database Ports, AWS Security vulnerabilities, AWS Firewall, Compliance, AWS Complexity, Dome9 cloud security, EC2, Security Policy, Cloud Security Management
