By Henry Wong, Senior Software Engineer
AWS re:Inforce 2019 is here, and I couldn’t be more excited. As a Software Engineer that lives and breathes security, attending AWS re:Inforce has been my version of ComicCon. And the buzz at the event confirms it’s the same case for a lot of others too!
What is AWS re:Inforce?
AWS re:Inforce is a two-day conference focused on security, identity, and compliance, featuring the world’s leading security experts. The event, which launched for the first time this year, is running in Boston from June 25-26.
What’s the latest in cloud security?
For those who weren’t lucky enough to attend (and missed the livestream) I’ve compiled my top five takeaways from day one. From helpdesk assistants through to software engineers, everyone involved in cloud computing should be aware of the following:
- Security is everyone’s responsibility: We all agree that security should be your company’s priority zero. In fact, security culture isn’t the responsibility of the security team, but everyone in the company. For example, developers should bear security in mind as they are increasingly becoming targets for hackers.
- Serverless computing is the latest trend: Serverless computing (e.g. Lambda, Fargate) is the way of the future. There are many advantages of Serverless, including cost savings as you only pay for the time and resources your function needs to execute. To secure serverless code, the solution needs to move away from agents installed on the servers and should reside in the code.
- Automation is essential : As much as we all want access to the best security talent, the reality is, there are not enough security engineers in the world. Automation (e.g. using CloudWatch events with Lambda) is key to responding to, and preventing, cyberattacks in a timely, consistent fashion.
- AWS delivers the best availability: AWS has more regions and availability zones compared to any other cloud provider. If you’re looking to ensure business continuity with high availability and disaster recovery options—AWS is the best there is. This is important, as AWS CISO Stephen Schmidt noted in his keynote address, availability and security are closely related.
- IoT devices are unencrypted: The scariest takeaway from day one: 90% of IoT devices are unencrypted. Just think about the crucial role IoT devices can play—meters monitoring the delivery of electricity, devices controlling the quality of our water. IoT devices need the same amount of attention to security that traditional applications on the internet currently experience (94% are encrypted with TLS).
Day one has been fun, informative and eye-opening and serves as confirmation that AWS, and FuseForward, are addressing the right issues and concerns to meet the growing security threats of today and tomorrow. I’m excited to see what day two brings!
If you’re looking to secure your workloads on the cloud, we can help. Download our free cloud security checklist, or reach out to us on the contact form below.
FuseForward is an AWS Select Consulting Partner that provides secure cloud environments, AWS managed services and technology solutions for public sector and enterprise customers. Headquartered in Vancouver, Canada, FuseForward provides AWS managed services to customers around the world from our offices in North America, Europe and South Africa.