Compliance and Security for Public Cloud | SUSE Communities

For many organizations, compliance and security are perennially among the IT department’s top priorities. And with the acceleration of enterprise application migration to the cloud, keeping those applications and the associated data secure is an even more complex challenge. Sadly, according to David Linthicum, SVP at Cloud Technology Partners, most organizations will default to the “cloud computing is unsecure” mindset. A recent Gartner study found that enterprises will go to great lengths to lock down on-premise systems that are running their mission-critical apps, but when they start to adopt a hybrid or public cloud strategy, security is one of the first things they sacrifice. The complexity of locking down and maintaining a secured cloud image has become a barrier, in spite of the known risks.

What would help is an easy way to deploy a secure cloud image out of the box, without spending the time and effort or acquiring the needed expertise to lock it down. This is exactly what Buddha Labs has done with their Hardened SUSE Linux Enterprise Server 11 SP3 image in the Amazon Web Services (AWS) Marketplace. Buddha Labs specializes in regulatory compliance assessments, IT security engineering, penetration testing, and web application security. The SLES image is hardened according to the Center for Internet Security (CIS) Benchmark, a well-defined, unbiased and consensus-based set of industry best practices that helps organizations assess and improve their security. The CIS Benchmarks are the only consensus-based, best-practice security configuration guides both developed and accepted by government, business, industry, and academia.

Let’s talk about scenarios for these security hardened Linux images:

  1. HIPAA, PCI, Compliance Requirement: Organizations that are trying to meet HIPAA, PCI or other compliance requirements and need to pay an independent third party.
  2. Federal Government Contractors, Vendors: Companies that do business with the federal government, or companies with strict security rules that need to verify that their assets meet a specific set of configuration standards.
  3. Adopting Security Standards Internally: Organizations that don’t have a security standard and want to adopt one.
  4. Speed Up Go To Market Securely: SMB and Enterprise businesses that need to write code quickly and deploy to production securely without rebuilding the image for security.

The security-hardened Amazon Machine Image (AMI) helps those customers achieve baseline compliance with the publicly available security policies as soon as the image deploys. The result is an immediate cost savings by reducing to zero the time an AMI runs unproductively as the administrator configures the image for compliance.

The Hardened SUSE Linux Enterprise Server 11 SP3 image comes with full support from Buddha Labs. That means, if you have questions about the security configuration, you can contact Buddha directly. In addition, Buddha provides full audit reports in Excel and HTML formats for submission as part of a compliance audit, which are available via their Zen Support Portal.

Check out the Hardened SUSE Linux Enterprise Server 11 SP3 image on AWS today.
