One of the approaches our AWS Consultants consistently take is Security by Design. By building security in from the beginning--rather than as an afterthought--security rules, processes and controls are inherent to the system. We like to think of it as a race car with the roll cage built into the frame vs. a race car built and the roll cage added afterward. Truthfully, which car would you feel safer helming?
We have been working closely with a customer who is undergoing a business transformation. As a multimedia equipment manufacturer, the organization has a loyal following of its high quality devices. However, like many companies facing the convergence of markets and new customer demands, the company has embarked on a metamorphosis. Traditionally very focused on hardware, their software was largely ignored even though it offered customers real value. Part of the company’s transformation was a move to treat their software like a full-fledged offering, rather than a free supplement. An upcoming product release marked the first (and biggest steps), in cementing this change in company direction.
How Flux7 Helped Increase Developer Productivity with AWS Service Catalog
At Flux7, we are expert at helping healthcare organizations gain a competitive advantage in the market through IT modernization projects that amplify their inherent business strengths. So when were approached by this healthcare organization who sees technology as a competitive advantage, we were quite excited to dive in.
Container technology was a well-read topic on the Flux7 blog in 2016, joining our blog on Continuous Integration Best Practices(CI/CD) and AWS Configuration Management as subject areas that received the most attention from our readers. From hardening containers to container based cloud migration frameworks and Docker-based microservices architecture, our DevOps consultants published a great deal of analysis, advice and best-practice approaches to help our readers achieve success with containers in AWS.
At re:Invent 2016 Werner Vogels, AWS CTO, donned a Transformer shirt to tell us we can be Transformers. And, Andy Jassy, AWS CEO, emphasized in his presentation that we can all be superheroes, with superpowers. This emphasis on the ability to easily control, manage and even transform your AWS environment -- from x-ray vision to immortality -- was a great way to frame the two themes of the show which boiled down to increased ease of use and a greater acceptance for the hybrid cloud model.
Now that the first wave of innovators and early adopters have moved their workloads to the cloud, we are seeing majority, more pragmatist organizations, migrating to the cloud. However, unlike early movers who were willing to navigate the complexity of AWS tools and technology, this second wave of organizations puts a higher premium on ease-of-use. Given that, let’s look at how AWS has done just this through our lens of operations, DevOps and Security.
At this year’s re:Invent, Flux7’s CEO, Aater Suleman, had the great pleasure of presenting with Hemanth Jayaraman, Rent-A-Center’s director of DevOps. (You can watch the full presentation here.) We shared with the audience the story of how we worked with Rent-A-Center to help them address their challenge to architect, deploy, and manage a mission-critical SAP Hybris ecommerce platform that could scale to 6+ million users a month.
AWS recently announced the expansion of the AWS Web Application Firewall (WAF) to include coverage for application load balancers. Working with a wide variety of organizations to design and build secure applications within the AWS cloud, we frequently call upon WAF as a critical component of our solution. In fact, we were recently recognized for having achieved AWS Service Delivery Partner Status for AWS WAF.
Yesterday at re:Invent, we were delighted to be recognized as having achieved AWS Service Delivery Partner status for AWS Web Application Firewall (WAF). As you can see from the news release we issued, the AWS Service Delivery Program is designed to highlight AWS Partner Network (APN) Partners who have a track record of delivering verified customer success for specific Amazon Web Services (AWS) products.
As we discussed recently, AWS microservices are being adopted widely across organizations and industries for their ability to increase service delivery and speed time to market while decreasing team overhead. As organizations begin traveling down the path to a microservices architecture, one hurdle that they often run into is enterprise password management or secret management. For, as the number of microservices increase, so too do the number of credentials—often exponentially so—creating a need for effective and efficient management.
According to Innovative Retail Technologies, 52% of surveyed retailers plan to actively move applications to the cloud this year. The initially tepid response to cloud is waning as retailers learn more about its strengths for availability and innovation. Yet, one question our AWS consultants frequently field from retailers is about achieving AWS PCI Compliance in the cloud. As most readers of this blog know, the Payment Card Industry Data Security Standard, otherwise known as PCI DSS, is an information security standard requiring organizations to incorporate controls around customer data to prevent credit card fraud. There are several ways that AWS helps its retail clients build a foundation for PCI compliance and they’ve recently announced one more in the form of a Quick Start.