cloud security for adobe experience manager hosted on amazon web services

7
Cloud Security and Resilience Development Heroes Enterprise Managed Services evelopment Heroes provides the ideal solution for organizations that require the best in trust, security and performance. With our proven Enterprise Managed Services you get a high performance infrastructure integrated with the most comprehensive security available. All proactively managed by Development Heroes’ 24x7 support team and backed by Amazon Web Services’ (AWS) comprehensive security capabilities, including: Network firewalls built into Amazon VPC. Development Heroes can use the web application firewall capabilities in AWS WAF to create private networks, and control access to your instances and applications • Protect against DDoS attacks using AWS infrastructure, CloudFront, and WAF together to fine tune attack mitigation techniques D KEY BENEFITS ơ A full range of enterprise security features to keep your website data safe ơ Backed by Amazon Web Services ơ Worry free management by a 24x7 team of experts

Upload: joseph-cicchetto

Post on 12-Jan-2017

22 views

Category:

Economy & Finance


1 download

TRANSCRIPT

Page 1: Cloud Security for Adobe Experience Manager Hosted on Amazon Web Services

Cloud Security and ResilienceDevelopment Heroes Enterprise Managed Services

evelopment Heroes provides the ideal solution for organizations that require the best in trust, security

and performance. With our proven Enterprise Managed Services you get a high performance infrastructure integrated with the most comprehensive security available. All proactively managed by Development Heroes’ 24x7 support team and backed by Amazon Web Services’ (AWS) comprehensive security capabilities, including:

• Network firewalls built into Amazon VPC. Development Heroes can use the web application firewall capabilities in AWS WAF to create private networks, and control access to your instances and applications

• Protect against DDoS attacks using AWS infrastructure, CloudFront, and WAF together to fine tune attack mitigation techniques

DKEY BENEFITS

ơ A full range of enterprise security features to keep your website data safe

ơ Backed by Amazon Web Services

ơ Worry free management by a 24x7 team of experts

Page 2: Cloud Security for Adobe Experience Manager Hosted on Amazon Web Services

Cloud Security and Resilience 2(646) 844-4784

www.developmentheroes.com

• Encryption in transit with TLS across all services except between Dispatcher & Publisher instances as required by Adobe Experience Manager

• Connectivity options that enable private, or dedicated, connections from your office or on-premises environment

DDoS Mitigation Availability is of paramount importance in the cloud. AWS customers benefit from AWS services and technologies built from the ground up to provide resilience in the face of DDoS attacks.

A combination of Development Heroes support and AWS services may be used to implement a defense in depth strategy and thwart DDoS attacks. Services designed with an automatic response to DDoS help minimize time to mitigate and reduce impact.

Related Paper: AWS Best Practices for DDoS Resiliency

Data Encryption By leveraging AWS, our Managed Services provides you with the ability to add an additional layer of security to your data at rest in the cloud, providing scalable and efficient encryption features. Including:

• Data encryption capabilities available in AWS storage and database services (when using Mongo implementation), such as EBS, S3, and Glacier

• Flexible key management options, including AWS Key

“ Availability is of paramount importance in the cloud.”

Page 3: Cloud Security for Adobe Experience Manager Hosted on Amazon Web Services

Cloud Security and Resilience 3(646) 844-4784

www.developmentheroes.com

“ [Ensure] that your cloud resources comply with organizational standards and best practices”

Management Service, allowing you to choose whether to have AWS manage the encryption keys or enable you to keep complete control over your keys

• Dedicated, hardware-based cryptographic key storage using AWS CloudHSM, allowing you to satisfy compliance requirements

In addition, Development Heroes can integrate any encryption and data protection services developed or deployed to support your specific needs into your AWS environment.

Inventory and Configuration Enterprise Managed Services options can leverage a range of tools to allow you to move fast while still ensuring that your cloud resources comply with organizational standards and best practices. Including:

• A security assessment service, Amazon Inspector, that automatically assesses applications for vulnerabilities or deviations from best practices, including impacted networks, OS, and attached storage

• Deployment tools to manage the creation and decommissioning of AWS resources according to organization standards

• Inventory and configuration management tools, including AWS Config, that identifies AWS resources and then track and manage changes to those resources over time

• Template definition and management tools, including AWS CloudFormation to create standard,

Page 4: Cloud Security for Adobe Experience Manager Hosted on Amazon Web Services

Cloud Security and Resilience 4(646) 844-4784

www.developmentheroes.com

preconfigured environments reducing recovery times and improving scalability.

Monitoring and Logging Based on your needs, Development Heroes may configure a combination of tools and features within AWS that enable you to see exactly what’s happening in your AWS environment. Including:

• Deep visibility into API calls through AWS CloudTrail, including who, what, who, and from where calls were made

• Log aggregation options, streamlining investigations and compliance reporting

• Alert notifications through Amazon CloudWatch when specific events occur or thresholds are exceeded

• Audit capabilities inside Adobe Experience Manager as well as within the managed infrastructure based on customer-defined IT control keys.

These tools and features give you the visibility you need to spot issues before they impact the business as well as allow you to improve security posture, and reduce the risk profile, of your environment.

Identity and Access ControlOur Managed Services team will work with your organization to define, enforce, and manage user access policies across managed services. Including:

• AWS Identity and Access Management (IAM) lets you

“ Spot issues before they impact the business... improve your security posture”

Page 5: Cloud Security for Adobe Experience Manager Hosted on Amazon Web Services

Cloud Security and Resilience 5(646) 844-4784

www.developmentheroes.com

define individual user accounts with permissions across AWS resources

• AWS Multi-Factor Authentication for privileged accounts, including options for hardware-based authenticators

• AWS Directory Service allows you to integrate and federate with corporate directories to reduce administrative overhead and improve end-user experience

• Adobe Experience Manager allows you to integrate and federate with corporate directories within the authoring environment to ensure a consistent set of policies and permissions are utilized across both infrastructure and software services

Penetration and Testing At the completion of development engagements we will perform Vulnerability / Penetration Testing to or originating from any AWS resources. There are several important things to note about penetration testing requests:

• Permission is required for all penetration tests.

• Our policy only permits testing of EC2 and RDS instances that you own. Tests against any other AWS services or AWS-owned resources are prohibited

• At this time, our policy does not permit testing small or micro RDS instance types. Testing of m1.small or t1.micro EC2 instance types is not permitted. This is to prevent potential adverse performance impacts on resources that may be shared with other customers.

Page 6: Cloud Security for Adobe Experience Manager Hosted on Amazon Web Services

Cloud Security and Resilience 6(646) 844-4784

www.developmentheroes.com

Vulnerability / Penetration Testing is available as a stand alone service upon request.

Development Heroes Enterprise Managed Services Make best-in-class implementation, cloud platform hosting, and ongoing support part of your investment in Adobe Experience Manager. Development Heroes is committed to delivering the industry’s leading Managed Services for organizations looking to focus their key staff on strategic initiatives and leave the day-to-day operations to a trusted partner. Our solutions are designed to enable our partners with a higher level of performance, compliance and resiliency through the integration of our people, processes, and technology.

Licensing & Maintenance

Our AEM Enterprise Hosting allows you to utilize your on-premises AEM license while we manage your infrastructure, security, scaling, and environments.

Full-Stack System Management

System management isn’t just hardware and software, it’s the cohesive platform and all of it’s intertwining parts.

• Applications • Infrastructure / OS • Networking

Enterprise Cloud Hosting

Enterprise-grade physical, data, and network security, scalable deployment and 24x7 support, monitoring

Page 7: Cloud Security for Adobe Experience Manager Hosted on Amazon Web Services

Cloud Security and Resilience 7(646) 844-4784

www.developmentheroes.com

and reporting.

Multi-Tier Security

The team at Development Heroes views security from the time code is committed to production all the way through the packets of network traffic being requested of your site.

Adobe AEM Expertise

Not only do we know hosting and infrastructure, but we are experts trusted by Adobe and our clients to design, develop, and architect large-scale enterprise solutions - and we bring that to every hosting client.

Contact Development Heroes for information about

our standard and customized options for Enterprise

Managed Services.

(646) 844-4784

[email protected]