Categories

Tags

The Essential Security Resources That Come with Cloud Infrastructure Services

Throughout my career, I have met many fantastic security professionals. As good as they were, whether they were executives or security-minded infrastructure techs, the fact is that infrastructure – and the attack vectors that come with it – is growing much faster than most people and companies can keep up with. It’s why security is one of the most talked about, yet least understood, topics for SaaS companies and their customers.
 
With Infrastructure as Code (IaC) shops now deploying entire infrastructure solutions in mere minutes the landscape of securing information is complex and fast changing. As security professionals spend countless hours evaluating products and constantly checking for the latest intrusion risks and trends, resources that cannot scale quickly, become the primary bottleneck of maintaining secure infrastructure.
 
Security is a primary concern for me here at Tendril. It’s critical for SaaS companies like Tendril to maintain customer trust, meet regulatory compliance, and ensure data privacy. But security is very resource-intensive. There are simply too many aspects of application and network security that cannot be effectively managed without a large Security Operations Center, large budget for security tools, and resources dedicated to education.
 
This is where today's SaaS companies that run their infrastructure in a cloud environment can realize some not-so-hidden core benefits - we can meet infrastructure security best practices without having to trade off internal bandwidth to ensure the best security for our SaaS solution. Relying on Amazon’s AWS for compute, Tendril is able to leverage network Security Groups (SG), Virtual Private Cloud (VPC), centrally managed Identity Access Management, Multi-Factor Authentication (MFA), and real-time event alerting infrastructure out of the box.
 
Amazon Web Services removes the need for Tendril to monitor and patch hardware systems and devices in network infrastructure. Amazon dedicates teams that are responsible for monitoring the threat landscape, handling security events, and patching software. Under Amazon’s shared security model, AWS takes the necessary measures to remediate vulnerabilities with methods such as patching, deprecation, and revocation. Furthermore, out of the box, the combination of Amazon Cloudfront and Shield, a managed Distributed Denial of Service (DDoS) protection service, helps Tendril combat DDOS attacks, with extensive mitigation techniques for SSL flood and renegotiation-type attacks.
 
What leveraging AWS has meant for us at Tendril is that we can leverage Amazon’s countless engineers and data scientists, who are writing use cases about potential attacks, playing them out and iterating on their security implementations. This enables my team to focus entirely on how to improve our energy application platform, where we can add the most value for our clients. Instead of securing networks, databases, devices and running through infrastructure audits, my team spends our time securing the next Energy Operating System.
 
Tendril’s automated CI/CD methodology requires highly automated access control and configuration management. Using Amazon’s AMIs and Security Groups, we automate creation of systems & environments and securing of services. With these out-of-the-box capabilities, Tendril has built automation of Security Group membership and Security Group access controls into Tendril’s containerized, auto-scaling platform. Through this automation, Tendril is able to reduce risk in areas of manual edits, make changes to potential exposure much quicker, and increase the velocity at which it can deploy secure services.
 
Relying on Amazon’s team to handle large portions of our infrastructure security, we can focus on the unique security challenges faced by our customers. We’re able to solve those issues quickly and in ways we couldn’t before. Building on this robust capability is an ongoing priority of mine, and I look forward to sharing more insights in the coming weeks and months about Tendril’s approach to privacy and solution security.

Related

Categories

Tags

  • Continuous Demand Management
  • Customer Ops & CSAT
  • DERs
  • DSM
  • Data Analytics
  • Demand Response
  • Disruption
  • Energy Efficiency
  • HERs
  • High Bill Alerts
  • Privacy & Security
  • Real Estate
  • Smart Home
  • Solar

    Subscribe to This Feed