InfoQ Homepage Compliance Content on InfoQ
-
Enabling Single Tenant Workloads in the Cloud, Microsoft Introduces Azure Dedicated Host
In a recent blog post, Microsoft announced Azure Dedicated Hosts, a service that allows organizations to run Linux and Windows virtual machines on single-tenant physical servers. This service was introduced to address customer compliance and regulatory requirements. Organizations can also take advantage of Azure Hybrid Benefits which allows them to leverage existing software investments.
-
Amazon Releases the Multi-Account Management Service AWS Control Tower to General Availability
Recently, Amazon announced the general availability of AWS Control Tower, a service that automates the process of setting up a new baseline multi-account AWS environment that is secure, and well-architected. With AWS Control Tower, cloud administrators can consistently set-up security and compliance for multi-account AWS environments.
-
A Single Pane of Glass for Compliance and Security with AWS Security Hub GA
Recently, Amazon announced the general availability (GA) of AWS Security Hub, a new security service that provides customers with a central place to manage security and compliance across their AWS environment.
-
Reconciling Kubernetes and PCI DSS for a Modern and Compliant Payment System
Ana Calin, systems engineer at Paybase, gave an experience report at QCon London [slides PDF] on how the end-to-end payments service provider solution managed to achieve PCI DSS level 1 compliance (the highest) with 50+ Node.js microservices running on Google Cloud Kubernetes Engine (GKE), and using Terraform for infrastructure provisioning and Helm for service deployment.
-
AWS Identity and Access Management Gains Tags and Attribute-Based Access Control
Amazon Web Services (AWS) recently enabled tags for IAM users and roles to ease the management of IAM resources. Notably, this release also includes the ability to embrace attribute-based access control (ABAC) and match AWS resources with IAM principals dynamically to "simplify permissions management at scale".
-
XebiaLabs DevOps Platform Provides New Risk and Compliance Capability for Software Releases
XebiaLabs, a provider of DevOps and continuous delivery software tools, has launched new capabilities for custody, security and compliance risk assessment tracking for software releases via their DevOps Platform.
-
Microsoft Announces the General Availability of the Immutable Storage Functionality in Azure Storage
With the immutable storage, feature blobs will be non-erasable and non-modifiable for a specific retention interval. Now Microsoft announced that this new feature is generally available in all public Azure regions after its preview since June of this year.
-
Compliance in an Agile World
Compliance is about making sure that you are doing the right thing and being able to prove it. With agile and frequent deliveries, you need to build compliance into the process of delivery. Making compliance obligation part of the thing that DevOps teams own increases the likelihood of success.
-
AWS Config Gains Cross-Account, Cross-Region Data Aggregation
Amazon Web Services (AWS) recently added the capability to aggregate compliance data produced by AWS Config rules across multiple accounts and/or regions to enable centralized auditing and governance of AWS resources. A new aggregated dashboard view displays non-compliant rules across the organization. Users can then drill down to view details about resources that are violating any rules.
-
Chef Extends OpsWorks Capabilities in AWS
Chef has announced new capabilities to address application lifecycle control concerns in containers in AWS. New functionality includes Chef Automate with integrated compliance and builds on AWS OpsWorks for Chef Automate announced in 2016. OpsWorks for Chef Automate provides a managed Chef server and suite of automation tools.
-
Creating and Enforcing "Policy as Code" with HashiCorp Sentinel
HashiCorp have released Sentinel, an embedded “policy as code” framework that is integrated within the HashiCorp Enterprise products. Sentinel enables “fine-grained, logic-based policy decisions” that can be used to automatically audit and enforce organisational, compliance or security policies when working with Infrastructure as Code and other HashiCorp platform tooling.
-
Q&A With Robert Scherrer: DevOps on the Backbone of the Swiss Financial Center
Starting with a small core team, and a DevOps approach around 5 + 1 dimensions - skills, organization, process, infrastructure, architecture + mindset & attitude - SIX has been transforming how IT and the business work together to break the silos and align themselves along value streams. InfoQ took the opportunity to talk with Robert Scherrer, head of software dev at SIX, about this journey.
-
Cloud Migrations, Highly Regulated Environments, and Making Work Visible: DOES17 London Day Two
At the London DevOps Enterprise Summit 2017 (DOES17) conference, the second morning of keynotes discussed the role DevOps plays when migrating to cloud platforms; the creation and cultivation of effective teams that must work within high-regulatory environments; and how to improve the flow of business value by making work visible.
-
AWS Organizations Offers Centralized Policy-Based Account Management
After a three month preview since re:Invent 2016, Amazon Web Services has recently moved AWS Organizations to general availability. The new service allows to centrally manage multiple AWS accounts within a hierarchy of organizational units and attach service control policies with fine-grained access permissions. AWS Organizations also supersede the formerly separate consolidated billing feature.
-
DevOps Survival in the Highly Regulated Financial Industry
Robert Scherrer, head of application engineering at SIX, on how the company leveraged DevOps principles and benefits in the highly regulated Swiss financial industry. Engaging with compliance auditors to collaboratively agree on solutions early before it's too costly to change and avoiding legacy internal directives (not actually required by external regulations) are the main takeaways.