Sunday, February 21, 2016

Securing AWS Means Avoiding Common Mistakes

Cloud computing and software as a service has changed the landscape of information security, but not everyone who becomes an AWS environment is aware that at first.

This is the message of a consultant who provided an AWS cloud Meetup in Boston last week, and participants who took in the presentation and have a safe experience AWS environments.

One of the most significant recent changes to hit the world of computer security and cloud (SaaS)-as-a-Service software is increasingly common to a slight increase in the activity of regulators and the Federal Trade Commission (FTC) and the Securities and Exchange Commission (SEC) as Guarav Pal, DevOps platforms and secure stackArmor strategist, a consulting firm and partner in the AWS cloud Potomoc, Md brokerage cloud architect.

Last year, the FTC won a lawsuit against Wyndham Worldwide Corporation, which has established jurisdiction for the first time in terms of data security. In January 2016, the Federal Trade Commission to extract a solution of Henry Schein Practice Solutions Inc., a provider of dental office software, the FTC accused of falsely advertising the level of encryption used to protect patient data $ 250,000 .

The regulatory framework will catch up with cloud computing, and now "the lack of security has a cost," Pal said in his presentation.

Meanwhile, Web and SaaS products have changed what it means to secure computing environment, users of cloud computing - including SaaS startup companies - tend to be stronger in the "Dev" a "DevOps" and relatively low in "Operations".

"It was ten years ago, the applications delivered on CD - now requires suppliers of SaaS PAHO," Pal said.

curricula of computer science is not strong emphasis on safety and operations as they do in pure programming, as audience member Jason Dunkerley, Manager of RBM Technologies, a provider of SaaS marketing retail Boston, speaking SearchAWS. com in a separate interview after the Meetup.

Since the cloud and SaaS industries are still in their infancy, there is no professional society for engineers core software as the National Society of Professional Engineers, which vet civil, electrical and mechanical engineers, Dunkerley said. However, in the cloud developers time you can create a product quickly and be able to serve thousands of people at a time without a large initial investment.

"It's exciting, but also very dangerous," Dunkerley said. "You concentrate so hard on product improvement and iteration so that your product is what they ask their customers [...] can not focus on the level of exploitation of him to protect him."

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.