27 Feb 2018

AWS Case Study Research Firm Attains Secure High Performance Computing

We recently had the opportunity to work with a privately-held clinical research organization that was interested in updating the systems that its internal team of research scientists uses for data analysis. It was interested in moving to the AWS cloud as the team’s large data-related demands had outgrown its on-premise system and needed the benefit of a highly secure, elastic, high performance computing environment.

Read More
30 Jan 2018

Security in AWS: Flux7’s Take on the New Amazon GuardDuty

Security in AWS: Flux7’s Take on the New Amazon GuardDuty

At re:Invent just a few weeks ago, AWS announced Amazon GuardDuty, to enable secure monitoring. At the time, we lauded the announcement for its ability to grow security in AWS with a more holistic view of security in the cloud. In the past few weeks, we’ve fielded inquiries from several customers asking about the service, its features, and potential fit for their organization. Knowing that their questions may be indicative of a wider interest in the new managed service that monitors and detects malicious or unauthorized behavior across an organization’s AWS infrastructure, we are sharing today our analysis of Amazon GuardDuty.

Read More
12 Sep 2017

How to Effectively Balance DevOpsSec in the AWS Cloud

As AWS DevOps partners, we are often asked the best approach to balance DevOpsSec within AWS environments. What are the AWS and DevOps best practices and how do you build in security in such a way that it propels the business forward? 

Read More
01 Sep 2017

AWS Case Study: Pharmaceutical Migrates R&D Analytics to AWS

We recently had the opportunity to work with a pharmaceutical company that is breaking new ground when it comes to treatments for life-threatening ailments like cancer. Seeking to innovate across the organization -- from R&D to IT -- this company reached out to the DevOps team at Flux7 to help it migrate its Cloudera Hadoop-based analytics systems to AWS. Specifically, the vision was to take all of its diverse data sets to the cloud, establishing a highly available and secure environment where the firm could conduct data modeling and data analysis while protecting sensitive data and ensuring GxP and HIPAA compliance. Read on for the full AWS case study.

Read More
26 Jul 2017

Visual Guide to Configuring Top AWS Config Rules

In our experience working with hundreds of organizations on compliance projects ranging from AWS PCI compliance and AWS HIPAA compliance to internal risk management initiatives, it’s clear that achieving and maintaining compliance is a delicate balance. Too many rules can slow progress and sometimes even cause teams to avoid complying at all. And too few guidelines can obviously result in unwanted fines, or in a worst case scenario, a security vulnerability that causes the business serious harm. Central to establishing and ensuring AWS risk and compliance efforts is the well-known practice of AWS configuration management. It plays a central role in keeping systems in a known, good state and with the application of automation can help organizations strike an optimal balance.

Read More
18 Jul 2017
07 Jul 2017

Good AWS Security Hygiene: Limit Risk With Security by Design

A misconfigured data bucket in AWS Simple Storage Service (S3) led to a Republican contractor’s database of nearly every voter being left exposed on the Internet for 12 days, according to CRN. This news presents an unfortunate reminder of why good AWS security hygiene is important to designing, building and managing AWS environments. In this spirit, we’d like to explore two basic AWS best practices that when built-in can help stave off extreme events like this.

Read More
20 Jun 2017

Fostering Cross Account AWS CodePipelines

AWS automation recently got a boost: the company introduced the ability to build an end-to-end release automation workflow that can deploy changes across multiple regions or different AWS accounts. And they subsequently featured an article on their blog on the steps to create a cross region CodePipeline. Today, however, we want to address the other half of this equation -- building cross account pipelines -- and thought it worthwhile to share with you here when and why we would recommend the benefits of this approach.

Read More
08 Jun 2017

A Technical Look at Managing Secrets using AWS Parameter Store

As systems become more complex, it’s more important than ever to ensure you have a strategy for effective and efficient secrets management. While we will dive into the technical aspects of doing just this within AWS, let’s first review what exactly secrets are and why you need to manage them.

Read More
06 Jun 2017

AWS Organizations: A New Era in Managing AWS Accounts

At re:Invent 2016, AWS announced Organizations, the ability to have and easily manage multiple accounts. Flux7 consultants have long recommended multiple accounts to clients as a best practice for maintaining separation of roles and applications to address security and compliance policies and now it’s even easier with the AWS Organizations Service. Let’s first walk through what makes it so easy and then we’ll share AWS and Flux7 best practices.

Read More

Join Us

Join thousands of technology enthusiasts, subscribe and get expert perspective in your inbox.

Connect With Us

Recent Posts