InfoQ Homepage Compliance Content on InfoQ
-
Logic App Standard Hybrid Deployment Model Public Preview: More Flexibility and Control On-Premise
Microsoft's Logic Apps Hybrid Deployment Model offers unparalleled flexibility for organizations, enabling the execution of workflows on-premises or in private/public clouds. With enhanced local processing, regulatory compliance, and dynamic scalability, businesses can optimize their infrastructure while ensuring data integrity- ideal for sectors like Government, Healthcare, and Manufacturing.
-
AWS Releases User Guide for the Digital Operational Resilience Act (DORA)
Amazon recently released the AWS User Guide to the Digital Operational Resilience Act (DORA). The document details how AWS services support financial entities in complying with DORA's requirements for operational resilience, including ICT risk management, incident reporting, testing, and third-party risk management.
-
Borderless Cloud at QCon London: Q&A with Adora Nwodo
At QCon London, Adora Nkowno, senior software engineer at NexaScale, discussed the complexities of seamlessly integrating multiple clouds into application architecture, deployment processes, and CI/CD pipelines. Her session was part of the Cloud-Native Engineering track on the first day of the conference, and InfoQ did an interview.
-
Amazon Route 53 Resolver Introduces DNS over HTTPS Support for Enhanced Security and Compliance
AWS recently announced that Amazon Route 53 Resolver will support using the Domain Name System (DNS) over HTTPS (DoH) protocol for both inbound and outbound Resolver endpoints.
-
AWS Adds Automated Detection of Unused IAM Roles, Users, and Permissions
AWS recently added support for detecting unused access granted to IAM roles and users within their AWS IAM Access Analyzer tool. The new analyzer can identify unused roles, unused IAM user access keys and passwords, and unused permissions within a defined usage window. This analysis can be done across accounts within the organization and be controlled from a delegated administrator account.
-
AWS Introduces Dedicated Local Zones for Sovereignty Requirements
AWS has recently introduced Dedicated Local Zones, enabling customers to isolate sensitive workloads to meet their digital sovereignty requirements. This new option is designed for public sector and regulated industry customers who need dedicated infrastructure.
-
Azure Deployment Environments Now Generally Available
At the annual Build conference, Microsoft announced Azure Deployment Environments' general availability (GA). This service allows development teams to create segregated instances within Azure for deploying and managing applications in different stages, such as development, testing, and production, to ensure controlled and consistent deployment processes.
-
How to Build a Successful Cloud Capability on a Heavily Regulated Organization
Ana Sirvent, AWS practice lead at KPMG UK, shared her experience at QCon London on how to work with public cloud on heavily regulated organizations. Sirvent explained how to build trust with security, compliance, and client risk teams while delivering quickly and leveraging cloud services.
-
HashiCorp Policy-as-Code Framework Sentinel Adds Multiple Developer Experience Improvements
HashiCorp has released a number of improvements to Sentinel, their policy-as-code framework. The new features include an improved import configuration syntax, a new static import feature, support for named functions, and per-policy parameter values. There are also new helper functions to determine if a value is undefined.
-
GitHub Adds SBOM Export to Make it Easier to Comply with Security Requirements
GitHub has announced a new SBOM export feature meant to be used as part of security compliance workflows and tools. The new feature allows you to export NTIA-compliant SBOM easily, says GitHub.
-
Spotify Releases Enterprise Plugin Bundle for Backstage
Spotify has released five plugins for Backstage as a purchasable bundle. The five plugins cover a variety of use cases including compliance, access control, employee education and satisfaction, and usage metrics. The plugins are a mix of existing Spotify tooling and new development specifically for this bundle.
-
GitLab Releases Single-Tenant SaaS Offering for Strict Security and Compliance
GitLab has released a new product - GitLab Dedicated - for customers in industries with strict security and compliance requirements wishing to move their DevOps software solutions from on-premise to the cloud.
-
AWS Opens New Region in Spain
AWS recently opened a new region in Spain to offer cloud services in the Iberian Peninsula and address in-country data residency and compliance requirements. The new eu-south-2 region is based in Aragón and has three availability zones.
-
Amazon SNS Introduces Message Data Protection to Discover Sensitive Data in Motion
Amazon SNS recently announced the public preview of message data protection. Identifying PII data and other sensitive information in flight, the new SNS feature leverages pattern matching, machine learning models, and data protection policies to simplify data protection and compliance in applications that exchange high volumes of data.
-
Accelerated Multi-Account Auditing and Compliance in AWS with Steampipe, HCL and SQL
AWS recently examined the use of AWS Insights Mod, based on Steampipe, an open-source tool that defines over 650 queries and displays their results on 84 dashboards.