Archive for October 2012
Avoiding Failures in the Cloud: Part 1: Fully implement cloud-vendor security instruments

By Paul Moxon, Senior Director, Product & Solutions Marketing

Cloud applications are just as apt to fail as on-premise applications, a painful lesson Amazon Web Services users like Netflix, Pinterest, and Instagram learned this year — and users like reddit, TMZ, and Heroku learned as recently as October 23 — after service outages involving Amazon’s Northern Virginia data center shut down its users’ offerings for hours.

Taking the following measures in advance can help minimize the impact of such an outage on your organization:

Fully implement cloud-vendor security instruments

On premise, your IT department can exercise complete control over your firewalls and router configuration, and use multi-layered security zones to protect internal applications.

But when you run IT applications in the cloud, this level of control doesn’t exist.

Fortunately, cloud-application hosts do provide instruments that will allow your IT department to recreate the type of security zone isolation you enjoy on premise, but you have to make sure those instruments are in place and fully leveraged.

Amazon’s Elastic Compute Cloud (EC2), for example, offers a feature called “Security Groups.” A security group acts as a firewall for a set of Amazon Machine Images (AMIs) – virtual application software used to create a virtual machine within EC2 – and allows you to define rules that control the traffic that can access instances assigned to the security group. An instrument like this gives your IT department several advantages when safeguarding against an unexpected outage, including the ability to:

Create a DMZ/firewall-like configuration despite having no control over the cloud’s physical routers.
Isolate and protect the different layers of your application stack.
Provide security against unauthorized access and data loss.

(For Part 2: please click here.)

Anticipating the 2012 AFP Conference

By Susan Feinberg, Director of Financial Services Solutions Enablement, Axway

The annual conference for the Association for Financial Professionals brings together technology providers, the banking industry, and corporate clients in an effort to help all parties enhance efficiency, improve controls, and glean today’s best practices for transferring money and exchanging information.

Discussions about the banking industry’s investment in online and mobile banking have been a recurring trend at the conference over the last few years, but their middle market and smaller corporate clients’ need for truly automated integration has never been adequately addressed.

And that’s top-of-mind for Axway at this year’s conference — how the right technology can enable automated points of integration and ease the banking industry’s ability to respond to their corporate clients’ demands. By the end of the show, attendees will understand how banks can keep their existing clients happy — and win new business — by implementing a flexible and extensible solution to meet current and future integration needs.

I look forward to seeing you there!