AWS Partner Network (APN) Blog
Category: Security, Identity, & Compliance
Migrate On-Premises Data to AWS and Secure it from Malware Using Trend Micro Cloud One – File Storage Security
Learn how you can securely migrate your data from an on-premises network file system (NFS) to Amazon S3 using AWS DataSync. We’ll also provide guidance on how Trend Micro Cloud One – File Storage Security can be implemented to perform malware scanning, as well as address compliance needs such as PCI-DSS and HIPAA. Trend Micro is an AWS Security Competency Partner and global leader in cybersecurity, helping make the world safe for exchanging digital information.
Improve the Availability of Existing Okta IAM Federation Setup Using Multi-Region SAML Endpoints
Federation using SAML 2.0 enables customers to use their existing external IdP and avoid managing multiple sources of identities when accessing AWS accounts. This post builds on the recommendation of using regional SAML endpoints for failover by showing how you can configure Okta’s federation with IAM to increase its availability. Learn how to configure Okta, an AWS Security Competency Partner, to utilize multiple regional AWS SAML sign-in endpoints that can be deployed at setup by the Okta admin.
Using Amazon Macie with Komprise for Detecting Sensitive Content in On-Premises Data
From a single pane of glass in Komprise, you can gain visibility across your data silos, tag files with granular metadata to support easier search for precise data sets, and create intelligent policies to migrate infrequently used data to economical storage targets and/or leverage cloud-based AI/ML services. Walk through the process of using Komprise with Amazon Macie, a fully managed data security and data privacy service that uses machine learning and pattern matching to discover sensitive content such as PII.
Mitigating Sensitive Data-Related Risks via Foundational Technical Review (FTR) for SaaS Solutions
Most SaaS solutions that undergo an AWS Foundational Technical Review (FTR) ingest, manage, and store sensitive data. The FTR is a review based on the AWS Well-Architected Framework and enables AWS Partners to identify and remediate risks in their solutions. Learn how to manage and secure sensitive data within SaaS solutions, with a focus on addressing the requirements related to PII or PHI in the Foundational Technical Review.
Provide Enhanced Security for Web Servers in VMware Cloud on AWS Using AWS WAF
Whether you are considering migrating to VMware Cloud on AWS or have already done so, you may need to protect web servers residing in a vSphere environment on the AWS global infrastructure. To provide one aspect of security for these workloads, you can leverage AWS WAF, a web application firewall that helps protect your apps or APIs against common web exploits and bots. AWS WAF provides scanning of designated HTTP/HTTPS traffic to protect against various attacks.
Securely Using External ID for Accessing AWS Accounts Owned by Others
It’s often required for a partner solution running on Amazon Web Services to access AWS accounts owned by their customers (third-party AWS accounts). This kind of access is known as cross-account access. In such scenarios, a cross-account AWS Identity and Access Management (IAM) role with external ID should be used. Explore the best practices for using external ID to avoid the confused deputy problem it is designed to solve.
Active Directory Authentication and Authorization with Amazon RDS
Learn how to set up Active Directory authentication with authorization for Postgres. Heimdall Data provides synchronization scripts for other databases as well, allowing all Amazon RDS instance types to be supported in a similar way. Using Active Directory authentication allows organizations to standardize their password and authorization management via a globally available authentication store, reducing management overhead and improving security and auditing capabilities.
Data De-Identification in Healthcare: A 360-Degree View from Apexon
In the healthcare industry, the exchange of data incurs risks as it contains personally identifiable information (PII) and protected health information (PHI). At the same time, not exchanging the data can keep valuable insights hidden. Apexon’s data anonymization and de-identification solution uses sophisticated machine learning algorithms to ensure the exchange of data happens without any risk of PII/PHI being exposed, while allowing organizations to meet compliance and regulatory requirements.
Implementing Zero-Trust Workload Security on Amazon EKS with Calico
Amazon EKS and Calico Cloud’s combined solution provides proof of security compliance to meet organizational regulatory requirements, but building and running cloud-native applications in EKS requires communication with other AWS and external third-party services. Learn how you can apply zero-trust workload access controls along with microsegmentation for workloads on EKS, and explore what implementing zero-trust workload access controls and identity-aware microsegmentation means for you.
Managing Cybersecurity Risks with the Next Generation of Managed Security Services
Both AWS and Deloitte understand that each customer’s cloud journey is different and has its own set of requirements. This is why Deloitte’s Cyber CMS solution provides a wide range of options for businesses to choose from to create the right package for them. Learn how Cyber CMS can help organizations become more trustworthy, resilient, and secure through proactive management of cyber risks.