Cloud Compliance and Security

Ultra Secure Data Center on Amazon Cloud

The following presentation was created by Lahav Savir - Architect and CEO at Emind Systems Ltd. Emind Systems is an AWS solutions & consulting vendor, serving ~100 AWS customers.

Emind Systems Best Practice for Ultra Secure Deployment on Amazon Cloud

In this article I will introduce our in-house best practice for an ultra-secure application deployment on the AWS cloud. This best practice is based on Emind System’s experience in performing dozens of infrastructure projects based on the Amazon Web Services’ platform.

Case Study: OneHourTranslation Follows Newvem’s Insights With Great Results

OneHourTranslation is the web’s leading Professional Translation Service, offering its services to thousands of business customers worldwide, 24/7.

The company utilizes AWS Cloud to run its web operation on an elastic environment. In order to support the agile demand, OneHourTranslation is taking advantage of the AWS cloud products, including Amazon’s Elastic Block Store (EBS), Amazon Simple Storage Service (Amazon S3), Elastic Compute Cloud (EC2), Simple Queue Service (SQS), Domain Name System (DNS, Amazon Route 53), and more. 

How to Encrypt AWS S3 Storage Objects

Cloud Compliance: Part 2 – Top 10 Tips

Cloud ComplianceIn the first part of the Cloud Compliance series, I talked about the basics; what compliance is. Short recap: Compliance is when you have certain laws, procedures and regulations to follow and how they comply with companies’ (customers’), countries’ and branch laws, procedures and regulations – do they fit together?

In this part I present a  more practical approach. Thanks to the great help from the cloud-based, SaaS pioneer - LivePerson, you can find in this article top 10 tips that can help you start right.

10 AWS Security Tips – Part 2, Extra Precautions

AWS Cloud Security TipsThe security of the public cloud is a topic of on-going debate. As an end user you need to worry about your data privacy and security. In the past we have heard a few cases where security of mega online services compromised such as Sony PS3, Gmail and Linkedin. This raise questions about whether public online services can be trusted.  Amazon cloud with its virtue of best of security implementation is still leading the race and there has never been a data breach of AWS cloud services.  The AWS cloud environment is also compliant with certifications and audits  such as FISMA, ISO 27001/2, SOC1T2 and more. You can learn more about AWS security features here.

In this article we will talk how you can enhance security of your AWS resource with extra precaution. We hope that using some of the tips offered in this article series will help you ensure proper safety of your AWS resources. In the first article, we presented some general as well EC2-specific AWS security tips. In this second part, we list ten more tips on the precautions you should take for the safety of EBS, snapshots, or AMI.

How to Generate S3 Policies and Manage S3 Bucket Permissions

In this guide we will describe S3 bucket policies, and how to generate and set a policy to an AWS S3 bucket.

Bucket policies define access rights for Amazon S3 resources. Only a bucket owner can write bucket policies. The S3 bucket policy enables you to set permissions such as “Allow/deny bucket-level permissions” and “Deny permission on any objects in the bucket”.

Encrypt Your Data in the Cloud

Keeping data private and secure has always been a business imperative for data privacy and regulatory compliance reasons, and as businesses seriously consider migrating to the cloud, data security is one of the most significant concerns. Once data is moved to the cloud, it becomes vulnerable to a number of new threats, and data security must be addressed jointly by the cloud provider and the customer itself. In our presentation we will discuss the shared responsibility module, review the pros and cons of current approaches to cloud data security, and discuss new and emerging technologies such as split-key encryption and partially homomorphic key encryption that enables organizations to maintain data privacy in a public cloud environment.

This presentation brought to you by Ariel Dan, Co-Founder VP sales & Marketing at Porticor cloud security.

[No time to attend to your AWS security breaches? Newvem automatically recognizes your database servers,analyzes their vulnerability, and provides you with drill downs covering insights on specific instances for a quick fix turnaround. Learn more]

Keywords: Amazon AWS Cloud services, security group, AMI, Amazon Machine Image, Cloud IP ports, database Ports, AWS Security vulnerabilities, AWS Firewall, Shared Resources, Data Encryption, S3, EBS

In Depth: AWS IAM and VPC

One of the most important leading features that Amazon Web Services released on 2011 was the VPC. Together with the IAM (Identity Access Management)  It helps the enterprise to deploy a more secure and  robust environment inside the amazing AWS public cloud. Before the VPC, all the AWS computing nodes were exposed to the internet without the option to protect specific instances that include critical service and data. The security groups were a good tool to support security separation of instances though it was never enough and include a great amount of custom work. With VPC the public cloud consumer can create a private secured portion that easily communicate with the public resources. These slides present best practice on how to manage IAM and an example of VPC deployment with a secure integration with the  the on-premise resources.

Deploying Secure Data Backup Over AWS Cloud

This presentation brought to you by Lahav Savir CEO at Emind. Emind services are focused on large scale system design, implementation, deployment and management specifically for the AWS cloud.

In his presentation he describes cloud enablement services that were provided to a global organization. According to Lahav this organization provides software solutions and technology for the travel industry – handles huge volumes of near real-time transactions and reservations. These slides are a result of a cloud migration of an inefficient and costly offsite backup infrastructure that was meant to manage an incrementally expanding database of more than 2.8 TB of storage.

Together with the great new capabilities cloud presented a new approach of multi-tenant environments and the sharing features. In this great capability also buried a great risk of resources exposure. AWS Cloud resource sharing options facilitates your ability to moce resources and application across multiple accounts and enjoy some public out-of-the-box service., yet it can also create risks for your digital property. Newvem informs you when an object is shared for you to determine if this is warranted or not. Check our Newvem security features to learn more.

The described deployment taking in mind regulatory compliance rule that the previous six months’ material must be readily available in a systematized fashion with cross-platform search functionality. This secured backup solution presented is based on AWS technologies such as S3 storage and EBS volumes explaining how to deal with great chunks of data in a secure manner while leveraging Porticor, cloud security solution.

Hitchhiker's Guide to The Cloud

Newvem's eBook for Cloud Operations