Last month, I attended the inaugural AWS re:Inforce conference in Boston – the company’s first event focused on security and compliance.
While it had a significantly smaller footprint than re:Invent, the conference was filled with knowledgeable cloud and security experts looking to solve specific problems faced by many of today’s digital- and cloud-first organizations.
Smaller footprint than re:Invent, but filled with experts looking to solve specific problems
After having the opportunity to speak with a number of the attendee and exhibitors, my three big takeaways from this conference were:
Compliance as code
This new phrase was on the tip of everyone’s tongues. It follows along with the idea of infrastructure as code and configuration management, and allows organizations to codify and automatically deploy compliance requirements.
For organizations, it will be important to work with providers who deliver these capabilities and not force everything to be done through a point-and-click graphical user interface (GUI).
Decentralized compliance and governance
This concept is rooted in letting the developers who wrote the code be the ones who fix the compliance issues. The goal is to empower developers to be a part of the solution, instead of being the problem that a centralized information security team is trying to control.
The value to organizations is developer and security teams that are committed to delivering the best applications and software possible, from development to production.
The security industry has seen a significant consolidation via mergers and acquisitions over the past few years, and that doesn’t seem to be slowing down any time soon.
What was clear, however, is understanding that security must overlay across every aspect of the enterprise from cloud to DevOps. Further, despite the market consolidation, organizations are still working to integrate acquisitions under larger solutions umbrella, which will continue to take time.
Missing one important detail
Despite all of the great takeaways from the event, there was one glaring industry trend that wasn’t discussed – multi-cloud. While it was an AWS event, upwards of 80% of enterprises have a multi-cloud environment and security is a universal topic.
This was a good event to go deep with your AWS security strategy but make sure you're creating procedures & policies for a unified multi-cloud governance strategy.
With Embotics, organizations are able to implement policy-based automation to provide engineering teams the necessary level of control through orchestration, while enabling the freedom to consume the public cloud resources as they need – ultimately allowing IT to control security and compliance, and empowering DevOps with agility and velocity.
Want to try it out for yourself? Sign up today to get free trial access to Embotics vCommander Cloud Management Platform.