Managed Cloud Security Services and Why you Should Invest in Them

Cloud adoption throughout all industries has become incredibly pervasive in recent years. With cloud management as a relatively newer concept, business organizations may struggle to understand each aspect that is required to effectively run a cloud environment. One aspect that should be involved at every layer of the cloud is security, yet many organizations fail to implement a strong security system in their cloud until an attack happens and it is too late.

A cloud environment and the controls necessary to orchestrate a robust security and governance platform is not the same as your traditional on-premises environment.

The State of Cloud Security Today

As beneficial as the public cloud is for companies globally today, lack of security in the cloud can be a major issue. A report from Sophos indicated that iMost of these attacks are simply from misconfigurations of these organizations’ cloud security. Thus, the attacks can be prevented if configured and managed properly. Orca Security’s 2020 State of Public Cloud Security Report revealed that 80.7% of organizations have at least one neglected, internet-facing workload – meaning the OS is unsupported or unpatched. Attackers can use one small vulnerability as leverage to move across an organization, which is how most data breaches occur.

Managed cloud security services help lay a strong foundation for security in the cloud that is automated and continuous with 24/7 management. With constant management, threats and attacks are detected before they occur, and your business avoids the repercussions that come with security misconfigurations.

What are managed cloud security services?

Managed cloud security services provide security configurations, automation, 24/7 management, and reporting from an external cloud security provider. If an attack should occur, the result is downtime and the loss of money and data. Additionally, the lack of a well-rounded security system can lead to regulatory compliance challenges.

Monitoring and maintaining strong security requires continuous attention to be effective. Employing a managed security service gives businesses the protection they need while simultaneously providing IT departments with additional time to focus on other business concerns. Redirecting cybersecurity efforts to an external provider not only provides IT departments with flexibility, but also reduces costs compared to handling cybersecurity in house. Managing cybersecurity independently creates costs such as staffing, software licensing, hardware, implementation costs, and management costs. All the costs and management required for effective security can be overwhelming and managed security services takes the weight of maintaining the security of your data off your shoulders.

What are the benefits of using cloud security services?

Implementing strong cloud security may seem like an obvious choice for a business to make, but many businesses may not want to devote the time, resources, or money to building and maintaining a strong cybersecurity system. Investing your resources into cloud security is imperative for your business and pays off in the long run.

Five different benefits resulting from a strong cloud security system include:

  • Automation: Once your configurations have been set up, there is reduced reliance on human intervention. This minimizes time spent managing security while also reducing the risk for error.
  • Efficiency: Cloud services improve the security of your data and maintain regulatory compliance through timely patching and automated updates with less downtime.
  • Safety: Data is well-protected with cloud security due to 24/7 monitoring and real-time threat detection.
  • Proactive Defense: Threats are identified quickly and treated proactively in the cloud should an incident occur.
  • Cost-effective: The cloud requires a unique approach to security. While managed cloud security services can seem costly upfront, they prove to be worthwhile in the long run by utilizing expertise that may not be available in-house. Additionally, cloud security services will ensure the safety of your workloads and data, and prevent the costs associated with a data breach.

2nd Watch Managed Cloud Security

At 2nd Watch, we understand cloud security is important at every step of your cloud journey. 2nd Watch has a dedicated Managed Security Team that monitors your cloud environments 24/7/365, remediating vulnerabilities quickly. Rather than putting security on the backburner, we believe security is a pillar of business, and building it into the foundation of a company is important to meet evolving compliance needs in a cost-effective manner.

Companies just getting started in the cloud can rely on 2nd Watch to get security right for them the first time. Even for companies already established in the cloud, we can take an in-depth look at security and compliance maturity, existing capabilities, and growth trajectory to provide a prescriptive security roadmap. No matter where you are in your cloud journey, we ensure your security is well-integrated into your cloud environments.

At 2nd Watch we are with you from beginning to end, monitoring your security even after implementation. At a glance, our end-to-end services include:

  • Security Review: Ensures the proper safeguards are utilized for your multi-cloud environments with a single point of contact for your security needs. Our security assessment and remediation offering can reveal how your cloud security posture stacks up to industry standards such as CIS, GDPR, CCPA, HIPAA, NIST, PCI DSS, and SOC 2.
  • Environment Monitoring: 24/7/365 multi-cloud monitoring protects against the most recent vulnerabilities.
  • Threat Analysis: Managed Reliability Operations Center (ROC) proactively analyzes and remediates potential threats.
  • Issue Resolution: Identified issues are quickly resolved providing enterprise class and proactive defense.

Other solutions we provide include:

Security should be integrated into every layer of your public cloud infrastructure. We can help you achieve that through our comprehensive suite of security services and a team of experts that cares about your success in the cloud. To learn more about our managed cloud security services, visit our Cloud, Compliance, Security, & Business Continuity page or talk to someone directly through our Contact Us page.

-Tessa Foley, Marketing


Why Media Companies Should Adopt the Cloud

The Advantages of Cloud Computing for Media & Entertainment

We are living in a revolutionary era of digital content and media consumption. As such, media companies are reckoning with the new challenges that come with new times. One of the biggest changes in the industry is consumer demand and behavior. To adapt, M&E brands need to digitally transform their production, distribution, and monetization processes. Cloud solutions are a crucial tool for this evolution, and M&E organizations should prioritize cloud strategy as a core pillar of their business models to address industry-wide shifts and stay relevant in today’s ultra-competitive landscape.

The Challenge: Addressing Greater Audience Expectations and Volatility

Viewing behavior and media distribution has greatly impacted the M&E industry. Entertainment content consumption is at an all-time high, and audiences are finding new and more ways to watch media. Today, linear television is considered old-school, and consumers are favoring platforms that give them the power of choice and freedom. Why would you tune in to your cable television at a specific time to watch your favorite show when you can watch that same show anytime, anywhere, on any device or platform?

With new non-linear television services, media companies have less control over their audiences’ viewing experience. Before, viewers were constrained by broadcasting schedules and immobile, unconnected TVs. Now, audiences have taken viewership into their own hands, and M&E brands must discover ways to retain their viewers’ attention and loyalty in the era of endless options of content creators and streaming platforms.

The Cloud Has the Flexibility and Scalability to Handle Complex Workflows

OTT streaming services are the most popular alternative to linear television broadcasting. It is a solution that meets the audience’s expectation of access to content of their choosing whenever and wherever they want. However, OTT platforms require formatting multiple video files to be delivered to any device with varying connection speeds. As such, OTT streaming services need advanced video streaming workflows that encode and transcode, protect content, and possess storage capacities that continuously grow.

Because OTT broadcasting has complicated workflows and intense infrastructure needs, M&E companies need to consider scalability. OTT streaming that utilizes on-premises data centers will stymie growth for media organizations because legacy applications and software are resource and labor intensive. When OTT services are set up with on-premises streaming, it requires a group of configured live encoding and streaming services to deliver content to audiences.

The in-house services then need to have the computing capacity and capabilities in order to deliver content without interruptions. On top of that, technical staff are necessary to maintain the proprietary hardware, ensure its security, and continuously upgrade it as audiences grow. If companies opt for on-premises OTT streaming, they will not be able to achieve the scalability and quality of experience that they need to keep up with audience expectations.

A cloud-based infrastructure solves all of these issues. To reiterate, on-premises OTT platforms are very resource-intensive with complex ongoing maintenance and high upfront costs. Using cloud services for OTT streaming addresses the downfalls of on-premises streaming by leveraging a network for services dedicated to delivering video files. The benefits of cloud computing for OTT workflows immensely impact streaming latency and distribution, leading to a better end user experience. Cloud infrastructures have the following advantages to on-premises infrastructure:

  • Geography: Unlike in-house data centers, cloud servers can be located around the world, and content can be delivered to audiences via the closest data center, thereby reducing streaming latency.
  • Encoding and transcoding: Cloud services have the ability and capacity to host rendered files and ensure they are ready for quick delivery.
  • Flexible scalability: Providers can easily scale services up or down based on audience demands by simply adding more cloud resources, rather than having to purchase more infrastructure.
  • Cost optimization: Cloud cost is based on only the resources a business uses with none of the maintenance and upkeep costs, and the price adjusts up or down depending on how much is consumed. on-premises costs include server hardware, power consumption, and space. Furthermore, on-premises is inflexible based on actual consumption.

The Cloud Can Help You Better Understand Your Audiences to Increase Revenue

Another buzzword we hear often these days is “big data.” As audiences grow and demonstrate complex behaviors, it’s important to capture those insights to better understand what will increase engagement and loyalty. Cloud computing is able to ingest and manage big data in a way that is actionable: it is one thing to collect data, but it is another thing to process and do something with it. For M&E organizations, utilizing this data helps improve user experiences, optimize supply chains, and monetize content better.

Big data involves manipulating petabytes of data, and the scalable nature of a cloud environment makes it possible to deploy data-intensive applications that power business analytics. The cloud also simplifies connectivity and collaboration within an organization, which gives teams access to relevant and real time analytics and streamlines data sharing. Furthermore, most public cloud providers offer machine learning tools, which makes processing big data even more efficient.

From a data standpoint, a cloud platform is an advantageous option for those who are handling big data and want to make data-driven decisions. The compelling benefits of cloud computing for data are as follows:

  • Faster scalability: Large volumes of both structured and unstructured data requires increased processing power, storage, and more. The cloud provides not only readily-available infrastructure, but also the ability to scale this infrastructure very rapidly to manage large spikes in traffic or usage.
  • Better analytic tools: The cloud offers a number of instant, on demand analytic tools that enable extract, transform, and loading (ETL) of massive datasets to provide meaningful insights quickly.
  • Lowers cost of analytics: Mining big data in the cloud has made the analytics process less costly. In addition to the reduction of on-premises infrastructure, companies are reducing costs related to system maintenance and upgrades, energy consumption, facility management, and more when switching to a cloud infrastructure. Moreover, the cloud’s pay-as-you-go model is more cost-efficient, with little waste of resources.
  • Better resiliency: In cases of cyber-attacks, power outages or equipment failure, traditional data recovery strategies are slow, complex, and risky. The task of replicating a data center (with duplicate storage, servers, networking equipment, and other infrastructure) in preparation for a disaster is tedious, difficult, and expensive. On top of that, legacy systems often take very long to back up and restore, and this is especially true in the era of big data and large digital content libraries, when data stores are so immense and expansive. Having the data stored in cloud infrastructure will allow your organization to recover from disasters faster, thus ensuring continued access to information and vital big data insights.

The Cloud is Secure

There is a misconception that the public cloud is less secure than traditional data centers. Of course, these are valid concerns: media companies must protect sensitive data, such as customers’ personally identifiable information. As a result, security and compliance is crucial for an M&E business’s migration to the cloud.

We have read about cloud security breaches in news headlines. In most cases, these articles fail to accurately point out where the problem occurred. Usually, these breaches occur not due to the security of the cloud itself, but due to the policies and technologies for security and control of the technology. In nearly all cases, it is the user, not the cloud provider, who fails to manage the controls used to protect an organization’s data. The question for M&E business should not be “Is the cloud secure?” but rather “Am I using the cloud securely?”

Whether M&E organizations use a public cloud, private cloud, or hybrid cloud, they can be confident in the security of their data and content. Here is how the cloud is as secure, if not more secure, than in-house data centers:

  • Cloud architecture is homogenous: In building their data centers, cloud providers used the same blueprint and built-in security capabilities throughout their fabrics. The net effect is a reduced attack footprint and fewer holes to exploit since the application of security is ubiquitous.
  • Public cloud providers invest heavily in security measures: The protection of both the infrastructure and the cloud services is priority one and receives commensurate investment. Public cloud providers collectively invest billions in security research, innovation, and protection.
  • Patching and security management is consistent: Enterprises experience security breaches most often because of errors in configuration and unpatched vulnerabilities. Public cloud providers are responsible for the security of the cloud, which includes patching of infrastructure and managed services.

-Anthony Torabi, Strategic Account Executive, Media & Entertainment


Simple & Secure Data Lakes with AWS Lake Formation

Data is the lifeblood of business. To help companies visualize their data, guide business decisions, and enhance their business operations requires employing machine learning services. But where to begin. Today, tremendous amounts of data are created by companies worldwide, often in disparate systems.

These large amounts of data, while helpful, don’t necessarily need to be processed immediately, yet need to be consolidated into a single source of truth to enable business value. Companies are faced with the issue of finding the best way to securely store their raw data for later use. One popular type of data store is referred to as a “data lake” and is very different from the traditional data warehouse.

Use Case: Data Lakes and McDonald’s

McDonald’s brings in about 1.5 million customers each day, creating 20-30 new data points with each of their transactions. The restaurant’s data comes from multiple data sources including a variety of data vendors, mobile apps, loyalty programs, CRM systems, etc. With all this data to use from various sources, the company wanted to build a complete perspective of a CLV and other useful analytics. To meet their needs for data collection and analytics, McDonald’s France partnered with 2nd Watch. The data lake allowed McDonald’s to ingest data into one source, reducing the effort required to manage and analyze their large amounts of data.

Due to their transition from a data warehouse to a data lake, McDonald’s France has greater visibility into the speed of service, customer lifetime value, and conversion rates. With an enhanced view of their data, the company can make better business decisions to improve their customers’ experience. So, what exactly is a data lake, how does it differ from a data warehouse, and how do they store data for companies like McDonald’s France?

What Is a Data Lake?

A data lake is a centralized storage repository that holds a vast amount of raw data in its native format until it is needed for use. A data lake can include any combination of:

  • Structured data: highly organized data from relational databases
  • Semi-structured data: data with some organizational properties, such as HTML
  • Unstructured data: data without a predefined data model, such as email

Data lakes are often mistaken for data warehouses, but the two data stores cannot be used interchangeably. Data warehouses, the more traditional data store, process and store your data for analytical purposes. Filtering data through data warehouses occurs automatically, and the data can arrive from multiple locations. Data lakes, on the other hand, store and centralize data that comes in without processing it. Thus, there is no need to identify a specific purpose for the data as with a data warehouse environment. Your data, whether in its original form or curated form, can be stored in a data lake. Companies often choose a data lake for their flexibility in supporting any type of data, their scalability, analytics, machine learning capabilities, and low costs.

While data warehouses are appealing for their element of automatically curated data and fast results, data lakes can lead to several areas of improvement for your data and business including:

  • Improved customer interactions
  • Improved R&D innovation choices
  • Increase operational efficiencies

Essentially, a piece of information stored in a data lake will seem like a small drop in a big lake. Due to the lack of organization and security that tends to occur when storing large quantities of data in data lakes, this storing method has received some criticism. Additionally, setting up a data lake can be time- and labor-intensive, often taking months to complete. This is because, when built the traditional way, there are a series of steps that need to be completed and then repeated for different data sets.

Even once fully architected, there can be errors in the setup due to your data lakes being manually configured over an extended period. An important piece to your data lake is a data catalog, which uses machine learning capabilities to recognize data and create a universal schema when new datasets come into your data lake. Without defined mechanisms and proper governance, your data lake can quickly become a “data swamp,” where your data becomes hard to manage, analyze, and ultimately becomes unusable. Fortunately, there is a solution to all these problems. You can build a well-architected data lake in a short amount of time with AWS Lake Formation.

AWS Lake Formation and Its Benefits

Traditionally, data lakes were set up as on-premises deployments before people realized the value and security provided by the cloud. These on-premises environments required continual adjustments for things like optimization and capacity planning—which is now easier due to cloud services like AWS Lake Formation. Deploying data lakes in the cloud provides scalability, availability, security, and faster time to build and deploy your data lake.

AWS Lake Formation is a service that makes it easy to set up a secure data lake in days, saving your business a lot of time and effort to focus on other aspects of your business. While AWS Lake Formation significantly cuts down the time it takes to set up your data lake, it is built and deployed securely. Additionally, AWS Lake Formation enables you to break down data silos and combine a variety of analytics to gain data insights and ultimately guide better business decisions. The benefits delivered by this AWS service are:

  • Build data lakes quickly: To build a data lake in Lake Formation, you simply need to import data from databases already in AWS, other AWS sources, or from other external sources. Data stored in Amazon S3, for example, can be moved into your data lake, where your crawl, catalog, and prepare your data for analytics. Lake Formation also helps transform data with AWS Glue to prepare it for quality analytics. Additionally, with AWS’s FindMatches, data can be cleaned and deduplicated to simplify your data.
  • Simplify security management: Security management is simpler with Lake Formation because it provides automatic server-side encryption, providing a secure foundation for your data. Security settings and access controls can also be configured to ensure high-level security. Once configured with rules, Lake formation enforces your access controls. With Lake Formation, your security and governance standards will be met.
  • Provide self-service access to data: With large amounts of data in your data lake, finding the data you need for a specific purpose can be difficult. Through Lake Formation, your users can search for relevant data using custom fields such as name, contents, and sensitivity to make discovering data easier. Lake Formation can also be paired with additional AWS services, such as Amazon Athena, Amazon Redshift, and Amazon EMR. For example, queries can be run through Amazon Athena using data that is registered with Lake Formation.

Building a data lake is one hurdle, but building a well-architected and secure data lake is another. With Lake Formation, building and managing data lakes is much easier. On a secure cloud environment, your data will be safe and easy to access.

2nd Watch has been recognized as a Premier Consulting Partner by AWS for nearly a decade and our engineers are 100% certified on AWS. Contact us to learn more about AWS Lake Formation or to get assistance building your data lake.


Riding the Digital Transformation: Why Enterprises Are Reengineering Their Cloud Infrastructure

Post 2020, how are you approaching the cloud? The rapid and unexpected digital transformation of 2020 forced enterprises worldwide to quickly mobilize workers using cloud resources. Now, as the world returns to an altered normal, it’s time for organizations to revisit their cloud infrastructure components with a fresh perspective. Hybrid work environments, industry transformations, changing consumer behavior, and growing cyber threats have all effected the way we do business. Now it might be time to change your cloud.

Risk mitigation at scale

Avoiding potential missteps in your strategy requires both wide and narrow insights. With the right cloud computing infrastructure, network equipment, and operating systems, organizations can achieve better risk mitigation and management with cloud scalability. As you continue to pursue business outcomes, you have to solve existing problems, as well as plan for the future. Some of these problems include:

  • Scaling your cloud platform and infrastructure services quickly to keep up with increasing and/or unexpected demand.
  • Maximizing cloud computing services and computing power to accommodate storage, speed, and resource demands.
  • Prioritizing new and necessary investments and delivery models within a fixed budget.
  • Innovating faster to remain, or gain, competitive advantage.

Overall, to avoid risk, you need to gain efficiency, and that’s what the cloud can do. Cloud infrastructure, applications, and Software as a Service (SaaS) solutions are designed to decrease input, and increase output and effectiveness. The scalability of cloud services allows enterprises to continue growing and innovating, without requiring heavy investments. With continuous cloud optimization, you’re positioned to adapt, innovate, and succeed regardless of the unknown future.

Application modernization for data leverage

Much of the digital transformation started with infrastructure modernization and the development of IaaS as a base line. Now, application modernization is accelerating alongside a changing migration pattern. What used to be simply ‘lift and shift’ is now ‘lift and evolve.’ Enterprises want to collaborate with cloud experts to gain a deeper understanding of applications as they become more cloud native. With a constant pipeline of new applications and services, organizations need guidance to avoid cloud cost sprawl and streamline environment integration.

As application modernization continues, organizations are gaining access to massive amounts of data that are enabling brand new opportunities. This requires a new look at database architectures to make sure you’re unlocking value internally and potentially, externally. While application modernization and database architecture are interconnected, they can also transform separately. We’re starting to see people recognize the importance of strategic cloud transformations that include the entire data footprint – whether it’s the underlying architecture, or the top level analytics.

Organizations are getting out of long-term licensing agreements, monetizing their data, gaining flexibility, cutting costs, and driving innovation, customer value, and revenue. Data is pulled from, and fed into, a lot of different applications within constantly changing cloud environments, which brings both challenges and opportunities. Enterprises must transform from this to that, but the end goal is constantly changing as well. Therefore continuous motion is necessary within the digital transformation.

Changing core business strategies

One thing is for sure about the digital transformation – it’s not slowing down. Most experts agree that even after pandemic safety precautions are eliminated, the digital transformation will continue to accelerate. After seeing the speed of adoption and opportunities in the cloud, many enterprises are reevaluating the future with new eyes. Budgets for IT are expanding, but so is the IT skills gap and cybersecurity incidents. These transitions present questions in a new light, and enterprises should revisit their answers.

  • Why do you still have your own physical data center?
  • What is the value in outsourcing? And insourcing?
  • How has your risk profile changed?
  • How does data allow you to focus on your core business strategy?

Answering these questions has more enterprises looking to partner with, and learn from, cloud experts – as opposed to just receiving services. Organizations want and need to work alongside cloud partners to close the skills gap within their enterprise, gain skills for internal expansion in the future, and better understand how virtualized resources can improve their business. It’s also a way to invest in your employees to reduce turn-over and encourage long-term loyalty.

Security and compliance

At this point with security, compliance, and ensuring business continuity, enterprises must have solutions in place. There is no other way. Ransomware and phishing attacks have been rising in sophistication and frequency year-over-year, with a noticeable spike since remote work became mainstream. Not only does your internal team need constant training and regular enforcement of governance policies, but there’s a larger emphasis on how your network protections are set up.

Regardless of automation and controls, people will make mistakes and there is an inherent risk in any human activity. In fact, human error is the leading cause of data loss with approximately 88% of all data breaches caused by an employee mistake. Unfortunately, the possibility of a breaches is often made possible because of your internal team. Typically, it’s the manner in which the cloud is configured or architected that creates a loophole for bad actors. It’s not that the public cloud isn’t secure or compliant, it’s that it’s not set up properly. This is where many enterprises are outsourcing data protection to avoid damaging compliance penalties, guarantee uninterrupted business continuity, and maintain the security of sensitive data after malicious or accidental deletion, natural disaster, or in the event that a device is lost, stolen or damaged.

Next steps: Think about day two

Enterprises who think of cloud migration as a one-and-done project – we were there, and now we’re here – aren’t ready to make the move. The cloud is not the answer. The cloud is an enabler to help organizations get the answers necessary to move in the direction they desire. There are risks associated with moving to the cloud – tools can distract from goals, system platforms need support, load balancers have to be implemented, and the cloud has to be leveraged and optimized to be beneficial long-term. Without strategizing past the migration, you won’t get the anticipated results.

It can seem overwhelming to take on the constantly changing cloud (and it certainly can be), but you don’t have to do it alone! Keep up with the pace and innovation of the digital transformation, while focusing on what you do best – growing your enterprise – by letting the experts help. 2nd Watch has a team of trusted cloud advisors to help you navigate cloud complexities for successful and ongoing cloud modernization. As an Amazon Web Services (AWS) Premier Partner, a Microsoft Azure Gold Partner, and a Google Cloud Partner with over 10 years’ experience, 2nd Watch provides ongoing advisory services to some of the largest companies in the world. Contact Us to take the next step in your cloud journey!

-Michael Elliott, Director of Marketing


Well-Architected Framework Reviews

“Whatever you do in life, surround yourself with smart people who argue with you.” – John Wooden

Many AWS customers and practitioners have leveraged the Well-Architected Framework methodology in building new applications or migrating existing applications. Once a build or migration is complete, how many companies implement Well-Architected Framework reviews and perform those reviews regularly? We have found that many companies today do not conduct regular Well Architected Framework reviews and as a result, potentially face a multitude of risks.

What is a Well-Architected Framework?

The Well-Architected Framework is a methodology designed to provide high-level guidance on best practices when using AWS products and services. Whether building new or migrating existing workloads, security, reliability, performance, cost optimization, and operational excellence are vital to the integrity of the workload and can even be critical to the success of the company. A review of your architecture is especially critical when the rate of innovation of new products and services are being created and implemented by Cloud Service Providers (CSP).

2nd Watch Well-Architected Framework Reviews

At 2nd Watch, we provide  Well-Architected Framework reviews for our existing and prospective clients. The review process allows customers to make informed decisions about architecture decisions, the potential impact those decisions have on their business, and tradeoffs they are making. 2nd Watch offers its clients free Well-Architected Framework reviews—conducted on a regular basis—for mission-critical workloads that could have a negative business impact upon failure.

Examples of issues we have uncovered and remediated through Well-Architected Reviews:

  • Security: Not protecting data in transit and at rest through encryption
  • Cost: Low utilization and inability to map cost to business units
  • Reliability: Single points of failure where recovery processes have not been tested
  • Performance: A lack of benchmarking or proactive selection of services and sizing
  • Operations: Not tracking changes to configuration management on your workload

Using a standard based methodology, 2nd Watch will work closely with your team to thoroughly review the workload and will produce a detailed report outlining actionable items, timeframes, as well as provide prescriptive guidance in each of the key architectural pillars.

In reviewing your workload and architecture, 2nd Watch will identify areas of improvement, along with a detailed report of our findings. A separate paid engagement will be available to clients and prospects who want our AWS Certified Solutions Architects and AWS Certified DevOps Engineer Professionals to remediate our findings. To schedule your free Well-Architected Framework review, contact 2nd Watch today.

 

— Chris Resch, EVP Cloud Solutions, 2nd Watch


2nd Watch Enterprise Cloud Expertise On Display at AWS re:Invent 2017

AWS re:Invent is less than twenty days away and 2nd Watch is proud to be a 2017 Platinum Sponsor for the sixth consecutive year.  As an Amazon Web Services (AWS) Partner Network Premier Consulting Partner, we look forward to attending and demonstrating the strength of our cloud design, migration, and managed services offerings for enterprise organizations at AWS re:Invent 2017 in Las Vegas, Nevada.

About AWS re:Invent

Designed for AWS customers, enthusiasts and even cloud computing newcomers, the nearly week-long conference is a great source of information and education for attendees of all skill levels. AWS re:Invent is THE place to connect, engage, and discuss current AWS products and services via breakout sessions ranging from introductory and advanced to expert as well as to hear the latest news and announcements from key AWS executives, partners, and customers. This year’s agenda offers a full additional day of content for even more learning opportunities, more than 1,000 breakout sessions, an expanded campus, hackathons, boot camps, hands-on labs, workshops, expanded Expo hours, and the always popular Amazonian events featuring broomball, Tatonka Challenge, fitness activities, and the attendee welcome party known as re:Play.

2nd Watch at re:Invent 2017

 2nd Watch has been a Premier Consulting Partner in the AWS Partner Network (APN) since 2012 and was recently named a leader in Gartner’s Magic Quadrant for Public Cloud Infrastructure Managed Service Providers, Worldwide (March 2017). We hold AWS Competencies in Financial Services, Migration, DevOps, Marketing, and Commerce, Life Sciences and Microsoft Workloads, and have recently completed the AWS Managed Service Provider (MSP) Partner Program Audit for the third year in a row. Over the past decade, 2nd Watch has migrated and managed AWS deployments for companies such as Crate & Barrel, Condé Nast, Lenovo, Motorola, and Yamaha.

The 2nd Watch breakout session—Continuous Compliance on AWS at Scale—will be led by cloud security experts Peter Meister and Lars Cromley. The session will focus on the need for continuous security and compliance in cloud migrations, and attendees will learn how a managed cloud provider can use automation and cloud expertise to successfully control these issues at scale in a constantly changing cloud environment. Registered re:Invent Full Conference Pass holders can add the session to their agendas here.

In addition to our breakout session, 2nd Watch will be showcasing our customers’ successes in the Expo Hall located in the Sands Convention Center (between The Venetian and The Palazzo hotels).  We invite you to stop by booth #1104 where you can explore 2nd Watch’s Managed Cloud Solutions, pick up a coveted 2nd Watch t-shirt and find out how you can win one of our daily contest giveaways—a totally custom 2nd Watch skateboard!

Want to make sure you get time with one of 2nd Watch’s Cloud Journey Masters while at re:Invent?  Plan ahead and schedule a meeting with one of 2nd Watch’s AWS Professional Certified Architects, DevOps, or Engineers.  Last but not least, 2nd Watch will be hosting its annual re:Invent after party on Wednesday, November 29. If you haven’t RSVP’d for THE AWS re:Invent Partner Party, click here to request your invitation (Event has passed)

AWS re:Invent is sure to be a week full of great technical learning, networking, and social opportunities.  We know you will have a packed schedule but look forward to seeing you there!  Be on the lookout for my list of “What to Avoid at re:Invent 2017” in the coming days…it’s sure to help you plan for your trip and get the most out of your AWS re:Invent experience.

 

–Katie Laas-Ellis, Marketing Manager, 2nd Watch

 

Gartner Disclaimer

Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.

About 2nd Watch

2nd Watch is an AWS Premier tier Partner in the AWS Partner Network (APN) providing managed cloud to enterprises. The company’s subject matter experts, software-enabled services and cutting-edge solutions provide companies with tested, proven, and trusted solutions, allowing them to fully leverage the power of the cloud. 2nd Watch solutions are high performing, robust, increase operational excellence, decrease time to market, accelerate growth and lower risk. Its patent-pending, proprietary tools automate everyday workload management processes for big data analytics, digital marketing, line-of-business and cloud native workloads. 2nd Watch is a new breed of business which helps enterprises design, deploy and manage cloud solutions and monitors business critical workloads 24×7. 2nd Watch has more than 400 enterprise workloads under its management and more than 200,000 instances in its managed public cloud. The venture-backed company is headquartered in Seattle, Washington. To learn more about 2nd Watch, visit www.2ndwatch.com or call 888-317-7920.


Current IoT Security Threat Landscape

By Paul Fletcher, Alert Logic

The “Internet of Things” (IoT) is a broadly accepted term which basically describes any Internet-connected devices (usually via Wi-Fi) that isn’t a traditional computer system.  These connected, IoT devices offer many conveniences for everyday life.  Also, it’s difficult to remember how life was before you could check email, weather and stream live video using a smart TV.  It’s now considered commonplace for a smart refrigerator to send you a text every morning with an updated shopping list.  We can monitor and manage the lights, thermostat, doors, locks and web cameras from wherever we may roam, thanks to smartphone apps and the proliferation of our connected devices.

With this added convenience comes a larger digital footprint, which makes for a larger target for attackers to discover other systems on your network, steal data or seize control of your DVR.  The hacker community is just getting warmed up in regards to attacking IoT devices.  There are a lot of fun things hackers can do with vulnerable connected devices and/or “smart” homes.  The early attacks were just about exploring, hackers would simulate ghosts by having all the lights in the house go on and off in a pattern, turn the heater on during the summer and the air conditioning in the winter or make the food inside the fridge go bad with the change of a few temperature levels.

The current IoT security threat landscape has grown more sophisticated recently and we’ve seen some significant attacks.  The most impactful IoT-based cyber attack happened on Oct. 21, 2016, when a hacker group activated 10% of their IoTBotNet, with malware called “Mirai.”  Approximately 50,000 web cameras and DVR systems launched a massive DDoS attack on the Dyn DNS Service, disrupting Internet services for companies like Spotify, Twitter, Github and others for more than 8 hours.  The attackers only used 10% of the 500,000 DVR’s and Web Camera’s infected by the malware, but cause monetary damage to customers of the Dyn DNS service.  A few months later, attackers launched a new IoT-specific malware called “Persirai” that infected over 100,000 web cameras.  This new malware comes complete with a sleek detection avoidance feature.  Once the malware executes on the web cam it only runs in the RAM memory space and deletes the original infection file, making it extremely difficult to detect.

The plain, cold truth is that most IoT manufacturers use stripped down versions of the Linux (and possibly Android) operating system, because the OS requires minimal system resources to operate.  ALL IoT devices have some version of an operating system and are therefore; “lightweight” computers.  Since most IoT devices are running some form of Linux or Android operating system, this means that they have vulnerabilities that are researched and discovered on an on-going basis.  So, yes, it’s possible that you may have to install a security patch for your refrigerator or coffee maker.

Special-purpose computer systems with customized versions of operating systems have been around for decades.  The best example of this is old school arcade games or early gaming consoles.  The difference today is that these devices now come with fast, easy connectivity to your internal network and the Internet.  Most IoT manufacturers don’t protect the underlying operating system on their “smart” devices and consumers shouldn’t assume it’s safe to connect a new device to their network.  Both Mirai and Persirai compromised IoT devices using simple methods like default usernames and passwords.  Some manufacturers feel like their devices are so “lightweight” that their limited computing resources (hard drive, RAM etc.) wouldn’t be worth hacking, because they wouldn’t provide much firepower for an attacker.  The hacking community repeatedly prove that they are interested in ANY resource (regardless of capacity) they can leverage.

When an IoT device is first connected to your network (either home or office), it will usually try to “call home” for software updates and/or security patches.  It’s highly recommended that all IoT devices be placed on an isolated network segment and blocked from the enterprise or high valued home computer systems.  It’s also recommended to monitor all outbound Internet traffic from your “IoT” network segment to discern a baseline of “normal” behavior.  This helps you better understand the network traffic generated from your IoT devices and any “abnormal” behavior could help discover a potential attack.

Remember “hackers gonna hack,” meaning the threat is 24/7. IoT devices need good computer security hygiene, just like your laptop, smartphone and tablet.  Make sure you use unique and easily remembered passwords and make sure to rotate all passwords regularly.  Confirm that all of your systems are using the la patches and upgrades for better functionality and security.  After patches are applied, validate your security settings haven’t been changed back to the default settings.

IoT devices are very convenient and manufacturers are getting better at security, but with the ever-changing IoT threat landscape we can expect to see more impactful and sophisticated attack in the near future.  The daily burden of relevant operational security for an organization or household is no easy task and IoT devices are just one of the many threats that require on-going monitoring.  It’s highly recommended that IoT cyber threats be incorporated into a defense in depth strategy as a holistic approach to cyber security.

Learn more about 2nd Watch Managed Cloud Security and how our partnership with Alert Logic can ensure your environment’s security.

Blog Contributed by 2nd Watch Cloud Security Partner, Alert Logic