Category

The cloud enables great agility and can reduce costs if used right. But does it also manage risk? In fact, the cloud contains the same traditional hosting risks as well as specific related risks to your production environment running on the cloud. With IaaS dynamic environment you pay only for what you use enabling alignment with actual real-time demand. The cloud instance is a temporary resource that is created from a gold master image automatically and on demand. This basic cloud automation capability makes traditional patching redundant and fast provisioning extremely easy. It is an important consideration that changes some basic security deployment perceptions when moving from traditional infrastructure to the cloud.

Read more »

Amazon’s AWS  VPC (Virtual Private Cloud) is like a canvas. It lets you define private networks, the way they interact with each other, routing, and security. Now, it even lets you terminate VPN connections from your main corporate network out-of-the-box and, best of all, it doesn’t cost you anything to use it.

Read more »

In the final installment of this 3-part series, we will discuss data retrieval, account permissions, integrating with S3, and transferring secure data. To recap, part 1 introduced Glacier as an extremely low-cost storage service that provides secure, durable, and flexible storage for your data backup and archival. In part 2, we discussed some functionalities of Glacier including managing archives, creating a vault, Glacier durability and archive inventory. And now, part 3.

Read more »

There are countless benefits to cloud computing including increased efficiency, streamlined processes and reduced costs. It also, however, threatens the security of your online services. Admins may leave ports open to connect to their servers while also giving access to hackers. Additionally, server sprawl deems security unmanageable. Worst of all, security solutions on the market today don’t have appropriate business models and/or technology that can migrate and scale.

Read more »

The greatest incentive to move to the cloud is to reduce cost. Organizations invest a lot to that end, but that investment is for not if your cloud isn’t protected. Most often, these mistakes are attributable to either a misinterpreted security policy or cluttered, nearly illegible security rules.

Read more »

AWS EC2 is a scalable, reliable and low-priced offering from Amazon for the user’s virtual computation or hosting needs. AWS EC2 instances can be launched or terminated any time. However, there may be a probability that the user may terminate the production instance by accident. To overcome the above mentioned problem, AWS provides a functionality called termination protection. Once enabled, the user cannot terminate the instance from the console or the command line API.

The present guide demonstrates how to enable termination protection for an instance.

Read more »

The latest trends on major sites is to serve content using HTTPS only. It actually offers several interesting advantages, like:

• Protection against Man-in-the-Middle Attacks, where someone is able to hear your connection and get sensitive information (e.g. cookies)
• Avoids (to some extent) some nasty Bots and Spiders
• Conveys more trust from Users, especially those who always ask “Where’s the Key Icon I’ve heard about on TV?” (e.g., your parents)

Read more »

Time To Know provides a breakthrough solution for today’s one-to-one computing classrooms.

The company utilizes a hybrid cloud infrastructure that combines AWS with a ‘co-location’ data center near its corporate offices. Time To Know initially adopted AWS with the aim of cutting costs. Having adopted the cloud after its processes were already in place, however, has left much room for improvement.

The ease of acquiring AWS instances sprawled the company’s footprint by 40%. It was clear they were spending too much money but not how that could be remedied.

Read more »

In this part we will dig a bit deeper and detail the standards and regulations that some of the most common infrastructure (IaaS) Cloud Service Providers (CSPs) comply with and are certified for. CSPs are not always obliged to follow all regulations, but normally they have procedures to make their consumer cloud compliant. We also look at four of the IaaS giants and how they handle making you become cloud ready. To highlight some basic differentiators between EU and  US CSPs, a well-known European CSP is included too.

Read more »

The AWS Elastic Load Balancer functions as a gateway for all the traffic to your data servers. The SSL, additionally, is used to encrypt data in transit. In order to keep your data safe, it’s not enough just to encrypt data in transit. There are more considerations that need to be made to keep your Amazon environments safe. For now, let’s discuss how to update the SSL Certificate of an AWS ELB. At the end of this post, I will circle back to the security issues that need to be taken into consideration.

Read more »