aws services 7 transformation media
TRANSCRIPT
Horizontal Media Solution Provider
FLEXIBILITY
We were born
CLOUD
in 2006
CONTINUOUSLY
INNOVATE
ON BEHALF
OF THE CUSTOMER
Mobile and Social in 2012
Reborn
CONTINUOUSLY
ADD VALUE
Today, in 2014
We provide
Horizontal Media
Solutions
Global Reach
24X7 Operations
Following Sun
57 Countries.
33 Languages.
Over 400
Customers
Strong presence in Media / Life Sciences / Manufacturing /
Education Verticals
Cloud Based
Offerings
Pressmart Cloud Based Offerings
AWS Cloud Services Publication Cloud Education Cloud
We offer following cloud based solutions & services
AWS Cloud
Services
The 7 Transformations of Cloud
Computing for Media Companies
A common misconception:
cloud computing is only about….
Saving money
Cloud Transforms hat’s possi le
Transformation 1:
Launch New Media Services Fast
Traditional Infrastructure Drives up
the Cost of Failure … I o atio Suffers
How many big ticket
technology ideas can
your budget tolerate?
Experiment
Often & Fail
Quickly with
AWS
Cost of failure falls dramatically
People are free to try out new ideas
More risk taking, more innovation
Transformation 2:
New application success is not a problem
With traditional hardware it may be
impossible to keep up with demand
With the cloud you can easily add the VM, storage,
DB, and CDN resources you need
Transformation 3:
New platforms and devices are opportunities, not threats
With traditional infrastructure, your
media waits in line
With the cloud you can add
thousands of servers to encode your
library fast.
Problem: Timeline overruns to support
PS3 launch
Solution: AWS’s Scale,1200 virtual
machines on-demand
Benefits:17,000 titles (80TB of data)
transcoded in days, able to support
launch
Transformation 4:
Distributed Architectures Made Easy
High
Availability
Building Distributed
Architectures
with Traditional
Infrastructure is Difficult
Cloud Computing Makes This Easier Distributed
Infrastructure
Building
Blocks
Availability Zones
AWS Regions
EC2 Instances
Elastic Load Balancer
Multi-AZ
Services
S3
RDS
DynamoDB
Loosely Coupled
Process Coordination
SWF
SNS
SQS
Architecture Templates for Common Patterns
aws.amazon.com/architecture
Transformation 5:
Embracing the security advantages of shared systems
Infrastructure
Every Customer Gets the Highest
Level of Security
AWS Security Infrastructure
SOC 1/SSAE 16/ISAE 3402,
ISO 27001, PCI DSS, HIPAA, ITAR,
FISMA Moderate, FIPS 140-2
Your
Apps
Applications
Flexibility to Choose the Right Security
Model for Each Application
Transformation 6:
Big Data without Big Servers
Atta ki g Big Data Pro le s Should ’t Be This Co pli ated
Storing Massive Data
Volumes Into A Huge Data
Warehouse
Investing In Expensive
Server Clusters To Process
The Data
Amazon S3
The Cloud Makes This a Lot Simpler
Load Data in the Cloud
Organize & Analyze Data
Visualize Results
1 2 3
Amazon DynamoDB
Hadoop Clusters
Amazon EMR
Transformation 7:
Content Access not Content Copies
Content and apps were device
specific and needed to be replicated
Now the cloud is the content hub
How Pressmart
Can Help To
Achieve
Transformation
Typical Deployment
Private Connections
Workload Migrations
Access Control Integration
Work with Existing
Management Tools
On-Premises Apps
Customer Data Centers
Cloud Apps AWS
Most enterprises will run a hybrid IT architecture
Some workloads will run on-premises
Some workloads will run in the cloud
Management & Integration is mixed
Workloads can be migrated back and forth
Hybrid (not all or nothing)
Typical Use Cases
Prototyping and Development
Test and Staging
Data Warehousing and Analytics
Collaboration
DR/BCP and Data Archiving
Web Application Architectures
Media caching, streaming and delivery
Tried and True
Cloud-Ready
Cloud Risks, Both Old and New
1. Data Breaches
2. Data Loss
3. Account Hijacking
4. Insecure APIs
5. Denial of Service
6. Malicious Insiders
7. Abuse of Cloud Services
8. Insufficient Due
Diligence
9. Shared Technology
Issues
Source- Cloud Security Alliance
Cloud Computing Top Threats in 2013
1. Accountability & Data Risk
2. User Identity Federation
3. Regulatory Compliance (CPNI, PCI, SOX…) 4. Business Continuity & Resiliency
5. User Privacy & Secondary Usage of Data
6. Service & Data Integration
7. Multi-tenancy & Physical Security
8. Incidence Analysis & Forensics
9. Infrastructure Security
10. Non-production Environment Exposure
Top 10 Cloud Risks Source- OWASP
Governance
& Control
Measure, Mitigate, Accept
We Manage Your Cloud Technology Risks
A model of shared
control
responsibility
AWS
CSP
Customer
We do Active Risk Tracking and Mitigation
Example Risks Impact
Rating
Mitigation
Type Remediation/Best Practice
Effort
Level
No formal process to
assess, track and
report cloud
computing risks.
High People, Process
1. Develop a risk and reporting policy specific to Cloud
Computing.
2. Begin project work to prioritize and address findings and
mitigate risk to within acceptable limits.
Medium
Security configuration
drifts from approved
standards.
High Technology, Process
1. Develop a change control process and testing policy for
Cloud Computing resources.
2. Implement configuration reconciliation and change
detection capabilities across App (source and runtime), OS
and infrastructure.
Medium
Unauthorized access
to xxxx. Critical
Technology, Process
1. Institute clear standards, reference designs and scanning
for all CNPI use cases.
2. Design and implement data protection and detection for
all xxxx associated systems and networks e.g. encryption
and exfiltration monitoring.
High
Uncontrolled use and
expense of cloud
resources.
High Technology, Process
1. Institute policy and preventative measures to disallow
unapproved end-user provisioning of resources and new
accounts.
2. Inventory and track changes to CSP accounts and
resources with periodic billing reconciliation.
Low
Impact on Operations A shifting Paradigm – need for both control and agility at web-scale
Almost everything is automatable, for better or worse Autonomy and self-service Thoughtfully extend existing policy, tools and techniques Develop Cloud specific policy and
standards to fill the gaps
The blending of
development and
operations functions
Impact Beyond Operations
Organizational
Process
Technology
New skills and new training
Agility in project teams and management
Multiple hats and blurring of legacy
boundaries
Rethinking roles
Portal-based, self provisioning
Agility in deployments
New techniques for change management Extending access and identity management
Automating workflows and key procedures
A/B Testing and QA
Mapping vendor software licensing
New techniques for monitoring and response
Integrating support with the CSP
Changes in networking topologies
Backup, DR and high availability
Application and infrastructure event logging
Your Cloud Governance Initiative
• Ensure the IT Cloud Computing strategy is
aligned with business strategy and IT delivers
against the decided strategy.
• The risks associated with Cloud Computing are periodically assessed, tracked and mitigated in-
line with the business strategy and overall risk
appetite of the company.
• To maximize the investment, benefits and agility of Cloud Computing as a transformative
technology, while balancing the need for
vigilance and control throughout the platform
lifecycle.
To lay the foundation and framework for a
balanced approach to compliance, control,
and acceptance of Cloud Computing within
your organization.
Goal
Objectives
Strategic Alignment Value Delivery
Risk Management Performance Measurement
Cloud Governance as a Process
Cloud Governance Board
Provides a unified,
centrally governed
approach for the Cloud
environment.
New Build Guidance Control
Domains
Governance
Asset Configuration and Management
Logical Access Control
Data Encryption
Network Configuration and Management
Security Logging, Monitoring and Incident Response
Disaster Recovery
✔
✔
✔
✔
✔
✔
✔
Measure,
Confirm &
Report
Workload
Onboarding
Process
Self-service
Restricted Data- Checklist, Templates & Reference Designs
Public Data- Checklist,
Templates & Reference Designs
Example Process Workflow
Workload
Onboarding
Process
Re
qu
esto
r C
lou
d
Op
era
tio
ns
IT S
ecu
rity
Opens ticket and
declares use-case,
resource and data type
Instructs on reference
design and standard
requirements
Reviews and approves
use-case with additional
security requirements
Requests deployment
based and schedule and
test plan
Deploys resources, adds
to BAU monitoring
Scans to ensure standard
builds and adds to BAU
monitoring
Concludes UAT and
closes request
Next Steps We will conduct a full risk assessment of the Cloud Computing Program.
Informed by the risk findings:
1. Finalize the Your Cloud Governance Structure and workflow
2. Complete the Policies and Standards for Cloud Computing
3. Ensure technical and process controls meet all policies and standards
4. Start POC of suitable use cases and show agreed results
Pressmart Media Limited
India
3rd Floor, MJR Arcade,
Khanamet, Gurukul Society, Landmark: Near Meridian School, Madhapur, Hyderabad - 500081, AP T : +91 (40) 6612 4000
W : www.pressmart.com