Change Management, Auditing and Compliance in an AWS Hybrid Environment

Once you start using AWS for production applications, auditing and compliance considerations come into play, especially if these applications are processing data that is subject to regulations such as PCI, HIPAA, SOX etc.

In this third lesson in the Best Practices for Amazon Web Services (AWS) Security course, Professor Wool reviews AWS’s own auditing tools, CloudWatch and CloudTrail, which are useful for cloud-based applications. However if you are running a hybrid data center, you will likely need to augment these tools with solutions that can provide reporting, visibility and change monitoring across the entire environment. Professor Wool provides some recommendations for key features and functionally you’ll need to ensure compliance, and tips on what the auditors are looking for.

Each Professor Wool course examines a core challenge and provides technical tips for managing security policies in evolving enterprise networks and data centers. Courses include:

• Firewall Management 201
• Network Segmentation
• Managing Business Application Connectivity
• Best Practices for Amazon Web Services (AWS) Security