» Secure Dynamic Enterprise Environments
Data centers are static infrastructure, with dedicated servers, static IP addresses, and a clear network perimeter. Security was imposed through a “castle and moat” approach of hardening the network, and managing access based on IP addresses using network middleware. The private network was assumed to be inside the castle, and assumed high trust and integrity.
In the cloud, infrastructure is both ephemeral and elastic, IP addresses are dynamic, and the network perimeter is no longer distinct. This strains traditional network based approaches to security. Instead, modern security posture assumes a “low trust” network, where it's assumed a network breach will occur. This new posture pushes for a more integrated approach to security, where access to systems and endpoints is explicitly managed, instead of implicitly granted by virtue of being on a private network. Instead of using IPs as a the unit of access, applications are provided an identity which allows us to handle the ephemeral and elastic nature of cloud infrastructure.
To help with the creation and storage of new application identities, AWS offers tools like AWS Identity and Access Management (IAM), AWS Key Management Service (KMS), and AWS CloudHSM. These tools provide trusted sources for identity, but also increase the number of secrets (passwords, certificates, encryption keys, etc.) that need protection. Using HashiCorp Vault organizations are able to secure, store, and tightly control access to these secrets. Leveraging Vault on AWS enables enterprise to start deploying applications in the cloud, without compromising on security or compliance.
» Join this webinar to learn:
- The AWS approach to enterprise security
- What tools are available from AWS
- How HashiCorp Vault integrates and enhances these tools
- 9:00 - 9:05AM Introductions
- 9:05 - 9:20AM Introduction to the AWS Enterprise Security Approach
- 9:20 - 9:40AM How Vault Enhances Enterprise Cloud Deployments
- 9:40 - 9:50AM Demonstrations of Vault and AWS Integrations
- 9:50 - 10:00AM Live Q&A
Everyone who registers for the webinar will receive a link to the webinar recording after post-processing (usually 1-2 days).