In the first part of the Cloud Compliance series, I talked about the basics: what compliance is. Short recap: Compliance is when you have certain laws, procedures and regulations to follow and how they comply with companies’ (customers’), countries’ and branch laws, procedures and regulations – do they fit together?
In this part I present a more practical approach. Thanks to the great help from the cloud-based SaaS pioneer LivePerson, in this article you can find the top 10 tips that can help you start right.
The security of the public cloud is a topic of ongoing debate. As an end user you need to worry about your data privacy and security. In the past we have heard of a few cases where the security of mega online services such as Sony PS3, Gmail and LinkedIn was compromised. This raises questions about whether public online services can be trusted. The Amazon cloud, by virtue of having the best security implementation, is still leading the race, and there has never been a data breach of AWS cloud services. The AWS cloud environment is also compliant with certifications and audits such as FISMA, ISO 27001/2, SOC1T2 and more. You can learn more about AWS security features here.
In this article we will talk about how you can enhance the security of your AWS resources with extra precautions. We hope that using some of the tips offered in this article series will help you ensure proper safety of your AWS resources. In the first article, we presented some general as well as EC2-specific AWS security tips. In this second part, we list ten more tips on the precautions you should take for the safety of EBS, snapshots, or AMI.
In this guide we will describe S3 bucket policies, and how to generate and set a policy on an AWS S3 bucket.
Bucket policies define access rights for Amazon S3 resources. Only a bucket owner can write bucket policies. The S3 bucket policy enables you to set permissions such as “Allow/deny bucket-level permissions” and “Deny permission on any objects in the bucket”.
AWS Direct Connect enables AWS users to perform significant data transfer using a dedicated private connection from their premises to AWS. AWS customers with high data transfer costs should look into the viability of using Direct Connect. Pricing is substantially lower than with public Internet connectivity – often at as little as 1/8th of the current cost. Users have a choice of 1 Gbit or 10 Gbit over a direct fiber cross-connect, which is faster, cheaper, and more secure.
One of the most important features that Amazon Web Services released in 2011 was the VPC. Together with IAM (Identity and Access Management), it helps the enterprise deploy a more secure and robust environment inside the amazing AWS public cloud. Before the VPC, all the AWS computing nodes were exposed to the internet without the option to protect specific instances that include critical services and data. The security groups were a good tool to support security separation of instances, though they were never enough and involved a great amount of custom work. With VPC the public cloud consumer can create a private, secured portion that easily communicates with the public resources. These slides present best practices on how to manage IAM and an example of a VPC deployment with a secure integration with the on-premise resources.
As the borderline between a web site and an application blurs, so does the division between enterprise IT and the internet. More and more enterprises adopt core applications which are provided as a service over the Internet. Until recently those were limited to vertical applications such as salesforce.com for sales automation and monster.com for recruiting, both of which have already suffered major security issues that compromised customer data.
Google's software push has led to enterprise adoption of general-purpose cloud services including office tools, mail and knowledge management, which presents an entirely new risk level. In this presentation we will discuss the security risks of SaaS (Software as a Service) and review past incidents on such services. We will then dissect the security implications of using Google Apps as an example of SaaS and create a checklist of things to examine in a SaaS offering before subscribing, to ensure that it provides sufficient security. Lastly we will discuss the solutions offered by Google as well as 3rd party solutions.
Newvem partnered with IGT to generate a series of events under the theme “The Cloud Management Forum”. These slides were presented at the session: Cloud Security Management meetup. This presentation is brought to you by Ofer Shezaf, Information Security Visionary and Evangelist, HP Software.
What’s your first priority cloud security concern?
From an attacker’s perspective, cloud providers aggregate access to many victims’ data into a single point of entry. As cloud environments become more and more popular, they will increasingly become the focus of attacks. Some organizations think that liability can be outsourced, but no, it cannot! This presentation will answer questions such as: What are the key security challenges for newcomers to the cloud? What are the options, and how can you start with a safe cloud deployment?
The different Cloud security aspects
The cloud vendor versus the cloud customer - the responsibility perception
How Newvem helps its customers avoid AWS cloud security vulnerabilities by leveraging an ecosystem of cloud vendors.
A lot of people use Amazon’s cloud service for a myriad of things, and not everyone has the best implementation practices. This opens your cloud to any number of security issues and vulnerabilities that could otherwise be avoided.