Cloudsolutionday 2016: Compliance and cost controlling on AWS
Compliance & Cost
Controlling
Tung Nguyen (tung@fossil.com)
(Nov 19, 2016)
What for today
A sharing from a Misfit insider on
Cost controlling
Compliance: PCI, ISO 27001, HIPAA
In a storytelling manner
Not a “how-to,” more of a “how it has been” (aka. “how my life has been effed up”)
Terms
“Cost” means “Cloud cost”
“ISO” means “ISO/IEC 27001”
About Misfit ...
Since 2011, now part of Fossil Group family
… and the speaker
Been a Misfit DevOps, for ~3 years
Cost Controlling
(very short list)
Learned Lessons
Separate AWS accounts for different environments
Tag your resources
By asking yourself, e.g.:
How much does this project cost?
How much does this team cost?
Who is handling this specific resource?
---> suggested tags
Learned Lessons (cont.)
Simplify conversations with non-AWS folks, e.g.:
using an approximate, easily understood unit cost: dollars per EC2-hour
EC2 cost last month: $1.3K
EC2 hours last month: 7K hours
Approx. EC2 unit cost: 1.3/7 = 0.19 $/hour
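The two lessons above (tag every resource so you can answer "how much does this project/team cost, who owns this", and express EC2 spend as dollars per EC2-hour) as an added worked example; this is not code from the original slides. It assumes billing line items have already been exported into the row shape shown below (a constructed, Cost-and-Usage-Report-like extract), using the suggested tag keys project, team and owner.

```python
"""Tag-coverage check and cost roll-up over constructed billing rows."""
from collections import defaultdict

# The tags the slide suggests so that spend can be attributed.
REQUIRED_TAGS = ("project", "team", "owner")

# Constructed sample data: one row per resource for last month.
# Totals deliberately mirror the slide: $1.3K of EC2 over 7K EC2-hours.
SAMPLE_ROWS = [
    {"resource": "i-0aaa", "service": "EC2", "cost": 500.0, "hours": 2700,
     "tags": {"project": "tracker", "team": "backend", "owner": "alice"}},
    {"resource": "i-0bbb", "service": "EC2", "cost": 400.0, "hours": 2100,
     "tags": {"project": "tracker", "team": "data", "owner": "bob"}},
    {"resource": "i-0ccc", "service": "EC2", "cost": 400.0, "hours": 2200,
     "tags": {"project": "app", "team": "backend"}},        # owner missing
    {"resource": "db-01", "service": "RDS", "cost": 300.0, "hours": 720,
     "tags": {}},                                            # fully untagged
]


def untagged(rows, required=REQUIRED_TAGS):
    """Map resource id -> list of missing required tags.

    Anything listed here cannot be attributed to a project, team or
    owner, so it is the first thing to fix before trusting any roll-up.
    """
    out = {}
    for r in rows:
        missing = [k for k in required if k not in r["tags"]]
        if missing:
            out[r["resource"]] = missing
    return out


def cost_by_tag(rows, key):
    """Monthly cost grouped by one tag key.

    Rows without that tag are collected under "(untagged)" rather than
    silently dropped, so the bucket itself becomes a visible cost line.
    """
    totals = defaultdict(float)
    for r in rows:
        totals[r["tags"].get(key, "(untagged)")] += r["cost"]
    return dict(totals)


def ec2_unit_cost(rows):
    """Dollars per EC2-hour: the approximate unit cost used to talk to
    non-AWS folks (total EC2 cost / total EC2 instance-hours)."""
    ec2 = [r for r in rows if r["service"] == "EC2"]
    cost = sum(r["cost"] for r in ec2)
    hours = sum(r["hours"] for r in ec2)
    return round(cost / hours, 3) if hours else 0.0


if __name__ == "__main__":
    print("untagged resources:", untagged(SAMPLE_ROWS))
    print("cost by project:  ", cost_by_tag(SAMPLE_ROWS, "project"))
    print("cost by team:     ", cost_by_tag(SAMPLE_ROWS, "team"))
    print("EC2 $/hour:       ", ec2_unit_cost(SAMPLE_ROWS))
```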
Learned Lessons (cont.)
Never underestimate 3rd parties for cost management / cloud governance
Spend $2K to save $10K, why not?
These vendors have their own ways of evaluating your spend, and they will make guarantees
Cost controlling? ‘Nuff said.
Compliance
Why compliance?
When non-compliant:
You: "We have a secure environment, for the organization in general, and the development team specifically. We protect customer data by encrypting … ^%& $#$ % )(*&*&"
Potential client: "Well …. Let's see how it REALLY is ..."
When compliant:
You: "We are PCI complia..."
Potential client: "SHUT UP AND TAKE MY !!!"
Why compliance?
Protecting your business
Getting better business deals
What is ...
ISO/IEC 27001
(International Organization for Standardization / International Electrotechnical Commission 27001)
A management framework to protect business-critical information
Via a set of control areas
Information Security Policies
Organization of Information Security
Human Resource Security
Asset management
Access control
What is ...
PCI DSS
(Payment Card Industry Data Security Standard)
A proprietary information security standard for organizations that handle
branded credit cards (e.g., Visa, MasterCard, American Express, Discover, JCB)
The goal is
to increase controls around cardholder data to reduce credit card fraud
by ensuring that ALL companies that process, store or transmit credit card information maintain a secure environment
What is ...
HIPAA
(Health Insurance Portability and Accountability Act)
A United States law that protects the confidentiality and security of healthcare information
Further background: signed into law in 1996
Our understanding: Personally Identifiable Information (PII) & Protected Health Information (PHI) need to be protected
ISO: protects your business information
PCI: protects payment card data
HIPAA: protects health and personal data
Common approach
1. Form a compliance team
(with or without a consultant)
2. Conduct gap assessment
3. Identify sub-projects and personnel
4. Implement
5. Maintain
(documents and evidence needed)
6. Assess for compliance
(By an independent qualified assessor)
How we do it (ISO, PCI and HIPAA overlap)
● Prioritize and work on the projects/items in common first
● Deal with the rest later
Examples:
● Server/software patching process (ISO & PCI)
● Data encryption (HIPAA & ISO)
What we do
1. Form a compliance team
(with or without a consultant)
2. Conduct gap assessment
3. Identify sub-projects and personnel
4. Implement
5. Maintain
(documents and evidence needed)
6. Assess for compliance
(By an independent qualified assessor)
What we do (#4. Implementation)
Build up UTM (Unified Threat Management) system
VPN
IDS/IPS (Intrusion Detection/Intrusion Prevention Systems)
Eliminate public IP addresses of EC2 instances
Perform access control for AWS environments, servers, databases, systems
What we do (#4, cont.)
Adopt coding standards (e.g., OWASP Top 10, OWASP Secure Coding Practices)
Conduct annual training for employees on the standards
What we do (#4, cont.)
Collect and audit system logs
Vulnerability scanning/patching
Establish server/software patching process
Perform and keep track of vulnerability scans/pen tests
Remediate vulnerabilities found
Proactively patch our systems based on the security announcements
What we do (#4, cont.)
Review and control access to source code
HR workflow involved
Build up golden images for employees’ computers
The same for servers
How to deal with different requirements of departments?
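Two of the implementation items above, "Eliminate public IP addresses of EC2 instances" and "golden images ... the same for servers", turned into a repeatable check that produces the kind of evidence step 5 (Maintain) asks for. This is an added example, not code from the original slides: the input is shaped like the Instances entries boto3's ec2.describe_instances returns (InstanceId, ImageId, PublicIpAddress, Tags), the sample instances are constructed, and the golden AMI ids are placeholders.

```python
"""Posture check: no public IPs, only approved golden images, in-scope envs."""

# Placeholder ids for the approved server golden images (hypothetical).
GOLDEN_AMIS = {"ami-golden-web-v3", "ami-golden-worker-v2"}

# Constructed sample in describe_instances shape (documentation IPs only).
SAMPLE_INSTANCES = [
    {"InstanceId": "i-0001", "ImageId": "ami-golden-web-v3",
     "PrivateIpAddress": "10.0.1.10",
     "Tags": [{"Key": "Name", "Value": "web-1"}, {"Key": "env", "Value": "prod"}]},
    {"InstanceId": "i-0002", "ImageId": "ami-golden-web-v3",
     "PrivateIpAddress": "10.0.1.11", "PublicIpAddress": "203.0.113.7",
     "Tags": [{"Key": "Name", "Value": "web-2"}, {"Key": "env", "Value": "prod"}]},
    {"InstanceId": "i-0003", "ImageId": "ami-handbuilt-2015",
     "PrivateIpAddress": "10.0.2.5",
     "Tags": [{"Key": "Name", "Value": "legacy-batch"}, {"Key": "env", "Value": "prod"}]},
    {"InstanceId": "i-0004", "ImageId": "ami-handbuilt-2015",
     "PrivateIpAddress": "10.0.9.5", "PublicIpAddress": "198.51.100.2",
     "Tags": [{"Key": "Name", "Value": "dev-box"}, {"Key": "env", "Value": "dev"}]},
]


def tag_value(instance, key):
    """Read one tag from the Tags list of Key/Value dicts (None if absent)."""
    for t in instance.get("Tags", []):
        if t["Key"] == key:
            return t["Value"]
    return None


def check_instance(instance, golden=GOLDEN_AMIS):
    """Return (rule, detail) findings for one instance; empty list = clean."""
    findings = []
    # Rule 1: instances must not carry a public IP (reach them via the VPN).
    if instance.get("PublicIpAddress"):
        findings.append(("no-public-ip", instance["PublicIpAddress"]))
    # Rule 2: instances must be launched from an approved golden image.
    if instance.get("ImageId") not in golden:
        findings.append(("golden-image", instance.get("ImageId")))
    return findings


def audit(instances, envs=("prod",), golden=GOLDEN_AMIS):
    """Findings keyed by instance id, limited to in-scope environments.

    Scoping by the env tag reflects the earlier lesson of keeping
    environments apart: a dev box is reported separately, if at all.
    """
    report = {}
    for inst in instances:
        if tag_value(inst, "env") not in envs:
            continue
        findings = check_instance(inst, golden)
        if findings:
            report[inst["InstanceId"]] = findings
    return report


if __name__ == "__main__":
    for iid, findings in audit(SAMPLE_INSTANCES).items():
        for rule, detail in findings:
            print(f"{iid}: {rule} ({detail})")
```

Run on a schedule and keep the output with the date: a clean run is the evidence an assessor asks for, and a non-empty one is the remediation list.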
What we do (#4, cont.)
Offices’ IT infrastructure
Other non-cloud non-technical requirements
Door access control
HR, again
Paper shredders (wait, what?)
What we confront
The amount of work itself, and time to complete, of course
---> Careful planning and incremental work needed
---> Review your progress, resources frequently
The awareness of other teams that need to be involved
They simply don’t get what you are doing
They already have enough on their plate
---> Simple, repeated communication is the key
Names, please?
Example consultants
Example assessors
Individuals?
Thank you
Q&A
See ya!
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Scriptwesley chun
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfEnterprise Knowledge
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 

Último (20)

How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessAdvantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your Business
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 

Cloudsolutionday 2016: Compliance and cost controlling on AWS

  • 1. Compliance & Cost Controlling Tung Nguyen (tung@fossil.com) (Nov 19, 2016)
  • 2. What for today A sharing from a Misfit insider on Cost controlling Compliance: PCI, ISO 27001, HIPAA In a storytelling manner Not a “how-to,” more of a “how it has been” (aka. “how my life has been effed up”)
  • 3. Terms “Cost” means “Cloud cost” “ISO” means “ISO/IEC 27001”
  • 4. About Misfit ... Since 2011, now part of Fossil Group family
  • 5. … and the speaker Been a Misfit DevOps, for ~3 years
  • 7. Learned Lessons Separate AWS accounts for different environments Tag your resources By asking yourself, e.g.: How much does this project cost? How much does this team cost? Who is handling this specific resource? ---> suggested tags
  • 8. Learned Lessons (cont.) Simplify conversation with non-AWS folks, e.g.: using the approximate understandable unit cost: dollars/EC2-hours EC2 cost last month: $1.3K EC2 hours last month: 7K hours Approx. EC2 unit cost: 1.3/7 = 0.19 $/hour
  • 9. Learned Lessons (cont.) Never underestimate 3rd parties for cost management / cloud governance Spend $2K to save $10K, why not? These vendors will have their ways of evaluating and make guarantees
  • 12. Why compliance? We have a secure environment, for the organization in general, and the development team specifically. We protect customer data by encrypting … ^%& $#$ % )(*&*& Well …. Let’s see how it REALLY is ... WHEN NON-COMPLIANT YOU POTENTIAL CLIENT
  • 13. Why compliance? We are PCI complia... SHUT UP AND TAKE MY !!! WHEN COMPLIANT YOU POTENTIAL CLIENT
  • 14. Why compliance? Protecting your business Getting better business deals
  • 15. What is ... ISO/IEC 27001 (International Organization for Standardization / International Electrotechnical Commission 27001) A management framework to protect business-critical information Via a set of control areas Information Security Policies Organization of Information Security Human Resource Security Asset management Access control
  • 16. What is ... PCI DSS (Payment Card Industry Data Security Standard) A proprietary information security standard for organizations that handle branded credit cards (e.g., Visa, MasterCard, American Express, Discover, JCB) The goal is to increase controls around cardholder data to reduce credit card fraud by ensuring that ALL companies that process, store or transmit credit card information maintain a secure environment
  • 17. What is ... HIPAA (Health Insurance Portability and Accountability Act) The law to protect the confidentiality and security of healthcare information Further background: a United States law, signed in 1996 Our understanding: Personally Identifiable Information (PII) & Protected Health Information (PHI) need to be protected
  • 19. ISO Protects your business information PCI Protects payment card data HIPAA Protects health and personal data
  • 20. Common approach 1. Form up a Compliance team (with/without a Consultant) 2. Conduct gap assessment 3. Identify sub-projects and personnel 4. Implement 5. Maintain (Documents, evidence needed) 6. Assess for compliance (By an independent qualified assessor)
  • 21. How we do ISO PCI HIPAA ● Prioritize and work on the projects/items in common first ● Deal with the rest later Examples: ● Server/software patching process (ISO & PCI) ● Data encryption (HIPAA & ISO)
  • 22. What we do 1. Form up a Compliance team (with/without a Consultant) 2. Conduct gap assessment 3. Identify sub-projects and personnel 4. Implement 5. Maintain (Documents, evidence needed) 6. Assess for compliance (By an independent qualified assessor)
  • 23. What we do (#4. Implementation) Build up UTM (Unified Threat Management) system VPN IDS/IPS (Intrusion Detection/Intrusion Prevention Systems) Eliminate public IP addresses of EC2 instances Perform access control for AWS environments, servers, databases, systems
  • 24. What we do (#4, cont.) Adopt coding standards (e.g., OWASP Top 10, OWASP Secure Coding Practices) Conduct annual training for employees on the standards
  • 25. What we do (#4, cont.) Collect and audit system logs Vulnerability scanning/patching Establish server/software patching process Perform and keep track of vulnerability scans/pen tests Remediate vulnerabilities found Proactively patch our systems based on the security announcements
  • 26. What we do (#4, cont.) Review and control access to source code HR workflow involved Build up golden images for employees’ computers The same for servers How to deal with different requirements of departments?
  • 27. What we do (#4, cont.) Offices’ IT infrastructure Other non-cloud non-technical requirements Door access controlling HR, again Paper shredders (wait, what?)
  • 29. What we confront The amount of work itself, and time to complete, of course ---> Careful planning and incremental work needed ---> Review your progress, resources frequently The awareness of other teams who indeed need to involve They simply don’t get what you are doing They already have enough on their plate ---> Simple, repeated communication is the key
  • 32. Q&A
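Two of the items in the deck lend themselves to an automated check: the cost-allocation tags from slide 7 and the "eliminate public IP addresses of EC2 instances" item from slide 23. The Python below is an added example, not code from the talk or from Misfit. It works on the dict shape that boto3's `ec2.describe_instances()` returns, so it can be run against constructed sample data offline and fed live output in an account; the required tag keys `Project`, `Team` and `Owner` are assumptions derived from the three questions on slide 7, and the instance records are constructed.

```python
"""Audit EC2 instance descriptions for two controls from the deck:
  - every instance carries the cost-allocation tags (slide 7)
  - no instance exposes a public IP address (slide 23)
Input is the dict shape returned by boto3's ec2.describe_instances().
Added example; the tag keys and the sample data below are assumptions."""

from collections import defaultdict

# Assumed tag keys, one per question on slide 7
# ("which project / which team / who handles this resource").
REQUIRED_TAGS = ("Project", "Team", "Owner")

# Constructed sample in the describe_instances() shape: one compliant
# instance, one half-tagged instance with a public IP, one untagged instance.
SAMPLE_DESCRIBE_INSTANCES = {
    "Reservations": [
        {"Instances": [
            {"InstanceId": "i-0aaa111", "State": {"Name": "running"},
             "Tags": [{"Key": "Project", "Value": "tracker-api"},
                      {"Key": "Team", "Value": "backend"},
                      {"Key": "Owner", "Value": "devops"}],
             "NetworkInterfaces": [{"PrivateIpAddress": "10.0.1.10"}]},
            {"InstanceId": "i-0bbb222", "State": {"Name": "running"},
             "Tags": [{"Key": "Project", "Value": "tracker-api"}],
             "PublicIpAddress": "203.0.113.7",
             "NetworkInterfaces": [{"PrivateIpAddress": "10.0.1.11",
                                    "Association": {"PublicIp": "203.0.113.7"}}]},
        ]},
        {"Instances": [
            {"InstanceId": "i-0ccc333", "State": {"Name": "stopped"},
             "NetworkInterfaces": [{"PrivateIpAddress": "10.0.2.5"}]},
        ]},
    ]
}


def flatten_instances(describe_output):
    """describe_instances() nests instances under reservations; flatten them."""
    return [inst
            for reservation in describe_output.get("Reservations", [])
            for inst in reservation.get("Instances", [])]


def tags_as_dict(instance):
    """Turn the [{'Key': ..., 'Value': ...}] list into a plain dict."""
    return {t["Key"]: t["Value"] for t in instance.get("Tags", [])}


def missing_tags(instance, required=REQUIRED_TAGS):
    """Required keys that are absent or empty; an empty value is as useless
    as a missing one when you try to attribute cost to a project or team."""
    present = tags_as_dict(instance)
    return [key for key in required if not present.get(key, "").strip()]


def public_ips(instance):
    """Every public IPv4 address attached to the instance, deduplicated.
    Both the top-level field and per-ENI associations are checked, because
    a secondary interface can carry an Elastic IP the top-level field omits."""
    ips = set()
    if instance.get("PublicIpAddress"):
        ips.add(instance["PublicIpAddress"])
    for eni in instance.get("NetworkInterfaces", []):
        ip = eni.get("Association", {}).get("PublicIp")
        if ip:
            ips.add(ip)
    return sorted(ips)


def audit(describe_output, required=REQUIRED_TAGS):
    """Return (instance_id, finding_type, detail) tuples for every violation."""
    findings = []
    for inst in flatten_instances(describe_output):
        iid = inst["InstanceId"]
        findings.extend((iid, "missing-tag", key) for key in missing_tags(inst, required))
        findings.extend((iid, "public-ip", ip) for ip in public_ips(inst))
    return findings


def group_by_tag(describe_output, key):
    """Group instance ids by a tag value. Untagged instances land in one bucket,
    which is exactly the unattributable spend slide 7 warns about."""
    groups = defaultdict(list)
    for inst in flatten_instances(describe_output):
        groups[tags_as_dict(inst).get(key) or "(untagged)"].append(inst["InstanceId"])
    return dict(groups)


if __name__ == "__main__":
    # Live data: data = boto3.client("ec2").describe_instances()
    # (use get_paginator("describe_instances") for accounts with many instances).
    for iid, kind, detail in audit(SAMPLE_DESCRIBE_INSTANCES):
        print(f"{iid}\t{kind}\t{detail}")
    print(group_by_tag(SAMPLE_DESCRIBE_INSTANCES, "Project"))
```

Run on a schedule per AWS account (the deck recommends one account per environment), the `audit` output is the evidence list an assessor asks for under the "Maintain" step, and `group_by_tag` is the per-project view that the "how much does this project cost?" question needs; anything in the `(untagged)` bucket is spend nobody can be asked about.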

Editor's Notes

  1. FUTURE Misfit finds its unique position as the futurist in the family FASHION We see our position as being the perfect accessory to a fashionable life WELLNESS Misfit has its origins in wellness, beginning with our initial fitness-based innovations. At our core, we are driven by the will to inspire change and improve lives—a far broader mission than fitness. We consider the entire picture: exercise, sleep, nutrition, and even the environment. Healthy living, sum total. INTELLIGENCE Misfit is rooted in intelligence. We invest in the humans, the technology, and the data that drive our connection to the world around us. We inhale and exhale that intelligence—a constant dialogue of learning and teaching, giving and receiving, pushing and pulling—to drive the insights and inspirations of our next innovations.
  2. Depends on specific organization, might need: Leadership awareness Cost planning etc.
  3. Cover implementation only
  4. Communication example: Code repository access management (“ISO requirements” vs. “protect our products”)