CloudFormationAs you learned in Chapter 10, “The Performance Efficiency Pillar,” CloudFormation uses templates to let you simultaneously deploy, configure, and document your infrastructure as code. Because CloudFormation templates are code, you can store them in a version-controlled repository just as you would any other codebase. The resources defined by a template compose a stack. When …
Magnetic StorageRDS offers magnetic storage for backward compatibility with older instances. It’s limited to a maximum size of 4 TB and 1,000 IOPS. Read ReplicasIf your database instance doesn’t meet your performance requirements, you have a few options, depending on where the bottleneck is. As mentioned previously, if your memory, compute, network speed, or disk …
IAM IdentitiesThe one identity that comes with every new AWS account is the root user. By default, root has full rights over all the services and resources associated with your account. This makes sense since there would otherwise be no way for you to get things done with the services that lie beyond root control. …
Authentication & Authorization AWS Identity and Access Management-1 Read More »
Third-Party Automation SolutionsOf course, you can also create your own infrastructure automation scripts using Bash or Windows PowerShell. Such scripts can connect directly to your AWS account and launch, manipulate, and delete resource stacks. Besides Bash and PowerShell scripts, third-party configuration management tools such as Puppet, Chef, and Ansible can be used to closely manage …
Optimizing Performance for the Core AWS ServicesThrough the book’s earlier chapters, you experienced the power and flexibility of Amazon’s compute, storage, database, and networking services. You’ve seen how to tune, launch, and administrate those tools to support your applications, and you’re aware of some of the many configuration options that come built-in with the platform. …
PCI DSS applies to merchants and other entities that store, process, and/or transmit cardholder data. While the Council is responsible for managing the data security standards, each payment card brand maintains its own separate compliance enforcement programs. Each payment card brand has defined specific requirements for compliance validation and reporting, such as provisions for performing …
The goal of the PCI Data Security Standard (PCI DSS) is to protect cardholder data and sensitive authentication data wherever it is processed, stored or transmitted. The security controls and processes required by PCI DSS are vital for protecting all payment card account data, including the PAN – the primary account number printed on the …
Security Controls and Processes for PCI DSS Requirements Read More »
The twentieth century U.S. criminal Willie Sutton was said to rob banks because “that’s where the money is.” The same motivation in our digital age makes merchants the new target for financial fraud. Occasionally lax security by some merchants enables criminals to easily steal and use personal consumerfinancial information from payment card transactions and processing …
Protecting Cardholder Data with PCI Security Standards Read More »
Information security management — Guidelines for cyberinsurance 3 Terms and definitionsFor the purposes of this document, the terms and definitions given in ISO/IEC 27000 and the following apply.ISO and IEC maintain terminological databases for use in standardization at the following addresses:— ISO Online browsing platform: available at https: //www .iso .org/obp— IEC Electropedia: available at …
Information security management — Guidelines for cyberinsurance 4 Structure of this documentGuidelines are given in Clauses 5 to 8.Clause 5 provides information and a general description of cyber-insurance; Clause 6 discusses cyber-risk of an organization that can be covered under a cyber-insurance policy. Both Clause 5 and Clause 6 are of relevance to both the …
