Happy Data Privacy Day! An international effort to promote privacy, data protection best practices, and to empower individuals and business to safeguard data, the day is celebrated across the United States, 47 European countries, Canada, and India. It marks the signing in 1981 of the first legally binding, international treaty to deal with data protection and privacy. Technology has only served to underscore the importance of this decades-old treaty.
Kicking off our review of IT Modernization news this week, is a new report by DORA, the DevOps Research and Assessment group, illustrating how DevOps practices pay off for organizations in terms of performance and quality outcomes. In its annual report, DORA adds a new measure, SDO, software delivery and operational performance that measures availability, finding that SDO performance helps organizations achieve competitive advantages like increased profitability, productivity, market share, customer satisfaction, and the ability to achieve organization and mission goals.
Last week we shared several interesting reports on trends in the industry and tools to use to take advantage of them. This week, Forrester issued an intriguing report on high-performing DevOps organizations, what commonalities they share and what low performing organizations have in common. Commissioned by Tricentis, you can download the report here, gratis.
There are two kinds of rogue websites: one created by external organizations looking to subvert a legitimate website by appearing to replace it and the second is a website created by an internal team without obtaining proper approvals. Today we will discuss the latter and how AWS DevOps best practices can remediate the issue--as told through the story of a technology organization we recently worked with.
We are excited to bring you news today that we at Flux7 have achieved our fifth AWS Service Delivery Partner status, this time as an AWS Management Tools launch partner. (Others include AWS Web Application Firewall (WAF), AWS Service Catalog, Amazon CloudFront and Amazon Aurora.) This is an important recognition as the AWS Service Delivery Program only highlights AWS Consulting Partners who have a track record of success delivering verified customer solutions with specific AWS services. Comprised of AWS CloudFormation, Amazon EC2 Systems Manager, AWS CloudTrail and AWS Config, the AWS management tools collectively enable effective and efficient cloud operations management.
In our experience working with hundreds of organizations on compliance projects ranging from AWS PCI compliance and AWS HIPAA compliance to internal risk management initiatives, it’s clear that achieving and maintaining compliance is a delicate balance. Too many rules can slow progress and sometimes even cause teams to avoid complying at all. And too few guidelines can obviously result in unwanted fines, or in a worst case scenario, a security vulnerability that causes the business serious harm. Central to establishing and ensuring AWS risk and compliance efforts is the well-known practice of AWS configuration management. It plays a central role in keeping systems in a known, good state and with the application of automation can help organizations strike an optimal balance.
A misconfigured data bucket in AWS Simple Storage Service (S3) led to a Republican contractor’s database of nearly every voter being left exposed on the Internet for 12 days, according to CRN. This news presents an unfortunate reminder of why good AWS security hygiene is important to designing, building and managing AWS environments. In this spirit, we’d like to explore two basic AWS best practices that when built-in can help stave off extreme events like this.
AWS automation recently got a boost: the company introduced the ability to build an end-to-end release automation workflow that can deploy changes across multiple regions or different AWS accounts. And they subsequently featured an article on their blog on the steps to create a cross region CodePipeline. Today, however, we want to address the other half of this equation -- building cross account pipelines -- and thought it worthwhile to share with you here when and why we would recommend the benefits of this approach.