The cloud presents many security management challenges. Ensuring compliance, identity management, and other security best practices can be a challenging task. AWS Identity and Access Management (IAM) is one of the tools that can be used to mitigate the risks associated with these challenges. In this article, I will discuss a few of the high points of IAM, including the different options and limitations that this AWS service brings together with its fascinating capabilities.
Many cloud computing users strive to apply security best practices to their cloud computing strategies. One of the best components that Amazon offers to manage security in their cloud computing service is their IAM mechanism, which allows an account owner to create users and manage their permissions within an AWS account.
Read More
Although more and more cloud newcomers are grasping the essence of the cloud, the challenges are still great. EU or US “cloud regulations” with regard to security and privacy is still a popular topic of discussion in the cloud social sphere. NIST, a US government research organization, with its cloud program is one of leaders in pushing to define the cloud with its “right rules” supported by relevant standards.
“Cloud computing can and does mean different things to different people. The common characteristics most interpretations share are on-demand scalability of highly available and reliable pooled computing resources, secure access to metered services from nearly anywhere, and displacement of data and services from inside to outside the organization. While aspects of these characteristics have been realized to a certain extent, cloud computing remains a work in progress. This publication provides an overview of the security and privacy challenges pertinent to public cloud computing and points out considerations organizations should take when outsourcing data, applications, and infrastructure to a public cloud environment”
Read More
In order to prevent losing important data, it is essential to back up your EBS Volumes. EBS Snapshots enable the creation of virtual copies of EBS Volumes at a specific point in time. A snapshot comprises data blocks that are incrementally saved to Simple Storage Service (S3), meaning that only the blocks on the device that have changed since your last snapshot are saved. For that reason, EBS Snapshots can be an efficient way to back-up the data in EBS Volumes.
For typical data backup procedures, EBS Snapshots offer an adequate instrument to perform backup of EBS Volumes. When using EBS Snapshots as part of a backup procedure, an important parameter to take into consideration when defining your policy is the frequency of snapshots. Factors like the type of data stored in the EBS volumes, its volatility, the amount of data, and others, are key in determining the frequency in which EBS Snapshots should be created.
Read More
Clouds move fast, and change fast. The advantage is having elastic, fast, and un-planned deployments. However, uncontrolled usage leads very quickly into footprint sprawl – cloud sprawl, overspend and unpredictable behavior. Contrary to VM sprawl, where the virtualization environment provides natural containment, cloud sprawl can be rather chaotic and expensive – exactly for the same reasons we enumerated above: lack of visibility and control, unpredictability, new processes, and different practices.
Read More
Cloud providers consolidate access to many consumers’ data, or should we say victims’ data into a single point of (hacking) entry. Recently, the major popular clouds have increasingly become the focus of attacks by hackers. IT organizations may think that their legal liability can be outsourced, but total misconception. The contract with the IaaS vendors includes security obligations, however it does not negat the liability of the software vendor as the responsibe party. So rather than focusing on contracts and limiting liability in cloud services deals, the SaaS vendor must focus on controls and audit-ability.
Read More
Chris Hoff, a former colleague now at Juniper Systems, and a great blogger in his own right, penned a piece last week about the weak underbelly of automation: our decreased opportunity to react manually to negative situations before they become a crisis. Hoff put the problem extremely well in the opening of the post:
“I’m a huge proponent of automation. Taking rote processes from the hands of humans & leveraging machines of all types to enable higher agility, lower cost and increased efficacy is a wonderful thing.”
Read More
