Harness the power of cloud without sacrificing security

Structured in research paper format, this 8-page resource outlines how the teams at JupiterOne and LifeOmic used Principles of DevOps Security Program and Secure Software Delivery to build a truly secure AWS environment. The security operating model allowed the team, with minimal resources, to put in place real security to protect the confidentiality, integrity, availability and privacy of patient data and sensitive personal information.

LifeOmic's path to compliance and security via this operating model led to the creation of JupiterOne. 

 

 
Building a Virtually Air-gapped Secure Environment in AWS∗ with Principles of DevOps Security Program and Secure Software Delivery

What's inside this resource:

  • The principles, assumptions, and assurances of an effective security program for a cloud DevOps organization
  • How LifeOmic built a virtually "air-gapped" environment in AWS to secure its production workload and resources by prohibiting any internal network connectivity or user access
  • How software is securely delivered to this "air-gapped" environment without VPN or SSH access
  • How to ensure the secure software delivery process is followed using production change management automation