Boost PC performance: How more available memory can improve productivity
How to protect your IoT data on AWS
1. How to Protect Your
IoT data on AWS
Lahav Savir
Co-founder and CTO
AllCloud
2. A Global Leader in Cloud
Transformation and Adoption for
SaaS, ISV and Enterprises
3. “AWS Managed Service Partners
are skilled at cloud infrastructure
and application migration, and
deliver value to customers by
offering proactive monitoring,
automation, and management of
their customer’s environment.”
https://aws.amazon.com/partners/msp/
http://www.emind.co/msp
AWS Next-Gen (v3) Managed Service Partner (MSP)
4. A “Cloud-native” MSP
Market Guide for Managed Service Providers on Amazon Web Services (Lydia Leong, Oct. 2015)
“Amazon Web Services does not offer
managed services, but many customers want
to use AWS as a cloud IaaS and PaaS platform,
while outsourcing IT operations or application
management. AWS's ecosystem of MSP
partners can fulfill this need.”
https://www.gartner.com/doc/3157620/market-guide-managed-service-providers
“Common Types of MSPs (on AWS) with
Example References
● Cloud-native MSPs. These MSPs were
either founded specifically to provide
services on cloud IaaS, or pivoted to
entirely focus their business on these
services. Many of these MSPs are
AWS-specific. Examples include 2nd
Watch, Cloudnexa, Cloudreach,
Emind and Minjar”
5.
6. 360° Solution for
vending business
● 100s of thousands connected
devices around the world
● GPRS / 3G / Wifi
● Real-Time Data
● PCI-DSS Certified
http://www.emind.co/case-study/nayax-partners-with-emind-to-migr
ate-cashless-service-solutions-to-amazon-cloud/
7. More Than Just A Wireless
Charging Solution.
● 1000s of locations
worldwide
● Driving more traffic to
businesses
● Big-data and real-time
analytics
http://www.emind.co/case-study/powermat-partners-with-emind-to-
fully-manage-their-wireless-charging-services-on-aws/
8. Where there is more data,
there are bound to be more
data breaches!
10. Assessing the Risk:
Yes, the Cloud Can Be
More Secure Than Your
On-Premises Environment
IDC, July 2015
11. Why the Cloud
is more Secure?
● More segmentation
● More encryption
● Stronger
authentication
● More logging and
monitoring
● More managed
platforms
14. Why do you
need
Single Identity?
● Multiple AWS
Accounts
● Multiple Security
Policies
● Multiple Entry Points
● Many Resources
● Multiple 3rd Party
Services
15. Single Identity
Provider
● Single Password
Policy
● Single Lock Policy
● Single OTP
● Single Login Audit
● Same username used
across all resources
18. Corporate
● Corporate Active Directory
● Mix of users and desktops / servers
● 3rd Party SSO / Federation Services
Cloud
● Cloud Active Directory
● Cloud Resources Only
Integration
● One Way Trust between Corp AD and
Cloud AD
19. Login Scenarios
● AWS Console
○ SAML Federation
● VPN
○ Radius
● Jumpbox on EC2
○ Radius / LDAP
● Windows instance on EC2
○ Kerberos / LDAP
● Linux instance on EC2
○ Kerberos / LDAP
You can avoid the IAM Users
23. Direct Connect
Options
● Private Virtual Interface –
Access to VPC
○ Note: VPC Endpoints are
not transitive via VPC
Peering
● Public Virtual Interface –
Access to the region IP
address space (non-VPC
Services)