Tuesday, November 29, 2016

AWS re:Invent - Day 1...

Greetings from Las Vegas! Today is the official start of the AWS re:Invent 2016 conference, and it is already off to a great start.


30,000 attendees are expected to gather at the Venetian and Sands Expo center for 3 days of all things AWS cloud.

Cryptzone has a huge presence at the conference, with over a dozen people attending, including most of the executive team. We are in booth 1918 on the show floor, so stop by and say hello. I will personally be there for quite a bit of the show, or out roaming the floor. If you are looking for me, check there first, and if I am not there, the guys at the booth will be able to find me. 


If you are at the conference, and looking for a solution for pretty much anything that is cloud related, this is the place to be. There are hundreds of exhibitors, representing the best in class that AWS has to offer.

This conference is also one of those that brings out the world’s experts at AWS and cloud computing. Some may seem a little scary, but I promise, they are the absolute best at what they do and are here to figure out better ways to help solve your cloud challenges. Don’t be afraid of chatting with them before a session or at one of the meals.

I don’t intend on writing a huge blog every day, but I will share some of the things I find particularly interesting as the show continues. You can also follow me on Twitter - @CloudSecChris – where I will be giving almost constant updates.

Stay tuned!

Monday, November 28, 2016

Cyber Monday Shopping Security Tips...

This blog originally appeared on the Cryptzone blog site.  You can find the original here.

Cyber Monday will be the largest online shopping day in history according to a recent Adobe Digital Insights report. Thanksgiving Day will show the fastest growth, reaching $2 billion in online sales (15% YoY growth), Black Friday will reach $3.05 billion (11.3% YoY growth), and Cyber Monday will hit $3.36 billion in online sales (9.4% YoY growth).

Guess what? The bad guys also know that you want to spend money online, and Cyber Monday is a big day for them as well. While Cryptzone is not going to directly protect you from credit card fraud, as a security company, we believe in sharing tips and tricks to make everyone more secure, especially during this holiday season. Here are a few tips to consider before you order the latest video game or electronic device online today or this holiday season:
  • Always choose a reputable site. There are soooooo many great e-commerce sites available to choose from. Chances are that you may have ordered from one before. Stick to sites that you know or have done business with previously. Many “brick and mortar” companies have websites offering great deals as well.
  • If it sounds too good to be true, it probably is. If you decide to travel off the beaten path to find that epic deal, you may not be getting what you want. Worse, you may not get anything at all. Make certain to do a little research about the product and the company that you are buying from before passing along your credit card information.
  • Beware email and text messages. There are lots of scams this time of year in which bad guys pose as reputable retailers and ask you to verify or update your personal information. Be very cautious about clicking on links that ask you to enter additional information. It is always a good idea to manually go to a website directly, or, better yet, call the retailer, if you need to update your personal information.
  • Use a credit card with fraud protection. Check with your credit card company about their fraud protection policies. Most credit cards have some level of protection associated with them, but it is better to know exactly what those limits are. Also, if possible, use a credit card instead of a debit card to make online purchases. Generally speaking, a credit card will offer you greater protection and security, whereas your bank’s debit card will impound your funds while they conduct a fraud investigation.
We hope you have a wonderful holiday season, and remember to be safe and smart with your celebrations and purchases!

Wednesday, November 23, 2016

Geek's Guide to Things to See At AWS re:Invent 2016

NOTE: I have received ZERO compensation for any of the businesses listed here, nor are they “officially” recommended by anyone else besides myself. Also, I originally wrote a very similar blog for another conference earlier this year. But the recommendations are still very valid, and worth sharing again.

I know that you are likely at AWS re:Invent next week, and it is about time to finalize your conference schedule and what to do when you are not at the conference (when you are not visiting the Cryptzone booth, of course!). If you are looking for something apart from computers and conferences to do, Vegas has it all. You can always look to the free “What to Do In Las Vegas” magazines for shows and other attractions, but I thought I would recommend a few things off the beaten path and more tailored to the crowd that will be attending the re:Invent conference – things that don’t require taking out a second mortgage or testing your luck with a one armed bandit.

Obligatory Free Stuff: Fountains, Gardens, Water Shows, and Volcanos.

The Strip can overwhelm the senses – from lights to smells to sounds. And the casinos have to pull you in somehow, so many offer free shows and attractions that are worth seeing. If you make your way down to the Bellagio, the Dancing Fountains are a Vegas “must see” attraction. While you are there, my wonderful wife would have me tell you to pop in and visit the Bellagio Conservatory, which rotates several times a year with the seasons. Next to the Venetian is the Wynn Las Vegas, and behind that man-made mountain of pine trees is actually a pretty cool water show at the Lake of Dreams. Lastly, across the Strip at the Mirage, the Volcano erupts several times every evening, usually on the hour. While not quite Yellowstone, it doesn’t have the sulfur smell that you have to put up with to see the real thing…

Get Your Geek On: The Toy Shack and Antiquities
http://lasvegastoyshack.com/
http://www.antiquitieslv.com/

If you make your way to Downtown Las Vegas (the Deuce bus picks up right in front of the Venetian, and I think it is $8 for a 24 hour pass), make certain to check out the Toy Shack. They specialize in sci-fi and vintage toys, especially from the 80s. Very cool Star Wars and GI Joe selection. But bring $$$. You will need it. A little closer to the Venetian at the Caesar’s Forum Shops is Antiquities. They have an awesome selection of exclusive memorabilia such as signed movie posters, but also have a good selection of loose action figures in the back of the store.

Serious Reading: Bauman Rare Books

https://www.baumanrarebooks.com/

On the second floor of the Palazzo shopping mall is my favorite store / museum in all of Las Vegas: Bauman Rare Books. This is not Barnes and Noble. This is where you come to find that signed first edition or extremely rare copy. They also have one-of-a-kind historical artifacts (I don’t know what else to call them) for sale – they had an original copy of the Declaration of Independence for sale there at one point, and currently have a copy of the Nuremberg Chronicles on display (printed in 1493). If you hit it big (and I mean real big) on the tables or slots, you might be able to afford something from this store. But it is free to have a look, and Rebecca Romney (store manager) will be happy to show you around.

Pinball Wizard: The Pinball Hall of Fame and Museum

http://www.pinballmuseum.org/

I have no idea why this place doesn’t receive more exposure, but the Pinball Hall of Fame (PHoF) is maybe one of the coolest things in Las Vegas. They have over 150 playable pinball games – all in one place! Entrance to the PHoF is free, and all of the proceeds from the game play go to charity. Even if you are not a Pinball Wizard, this place is worth a look. It is a little ways from the conference, but the website has a decent map and bus routes.

Old School Vegas: The Neon Museum and Fremont Street Experience
http://www.neonmuseum.org/

Make your way back to Downtown Las Vegas in the evening – the table game minimums are much more reasonable and the slots are far looser (if that is your thing). The canopy that hangs over Fremont Street downtown is part of the Fremont Street Experience – a 5-8 minute show that starts on the hour after dark, and synchronizes to really good music. Worth seeing if you never have. While you are down there, a block off of Fremont Street is the Neon Museum. This is the place all the old casino neon signage comes to rest, and it is especially cool at night when it’s all lit up.

I hope these suggestions help you journey out on the town. There are sooooo many more things to do in Vegas that I didn’t have space to list - look me up at the Cryptzone booth (Booth #1918) while you are at the conference and we can compare notes!

See ya there!

Tuesday, November 22, 2016

Geek's Guide to Where to Eat While At AWS re:Invent 2016

NOTE: I have received ZERO compensation for any of the businesses listed here, nor are they “officially” recommended by anyone else besides myself. Also, I originally wrote a very similar blog for another conference earlier this year. But the recommendations are still very valid, and worth sharing again.

AWS re:Invent is next week, and it is about time to finalize your conference schedule and decide what to do when you are not at the conference (when you are not visiting the Cryptzone booth, of course!). When you are looking to break away from the conference action for a meal or two, here are a few recommendations that are a little outside of the usual ones that you will read in all of the free “What to Do In Las Vegas” magazines that seem to be everywhere.

Best Place for a Business Meeting: Delmonico Steakhouse

http://emerilsrestaurants.com/delmonico-steakhouse

To start, I included Delmonico’s at the Venetian for a few reasons, even though it is on practically EVERY one of the recommendation lists I was mentioning above. First, you will be hard pressed to find a better steak in Vegas, especially at the price. No, they are not the cheapest (nor the most expensive), but they are quite excellent. And the service is very very good. Second, if you are going to re:Invent, Delmonico Steakhouse is located in the same building as the conference (sort of). But lastly, and the reason I mention this at all: if you are reading this, and have any plans on eating there while there is a conference going on, you had better make a reservation now. You will not be eating there (or any of the finer restaurants at the Venetian) if you do not plan a little ahead and make a reservation. The link is above. Take the time to enjoy the bone-in ribeye. The lobster bisque makes a great appetizer, and so does Emeril’s gumbo.

Best Old School Las Vegas Coffee Shop: Peppermill
http://www.peppermilllasvegas.com/

The Peppermill is excellent. It is where the locals go to eat on the Strip, and by locals I mean pretty much anyone who is anyone. It is open 24 hours (like many things in Vegas), and this tends to be where a lot of the performers for all of the shows on the Strip go to get a bite to eat after their performances. Great food. And if you are really daring – order the fruit plate. Take a picture. And if you finish it – ALL OF IT – you are my personal hero.

Best Secret Restaurant: Secret Pizza 
(no url… it’s a secret)

Yeah, not so much anymore, as it is sooooo good. Secret Pizza is in the Cosmopolitan Casino and Resort, a few blocks south of the conference. They are known to have some of the all-time best pizza anywhere, so maybe it is worth the visit. To find it, go up to the restaurant floor (third floor). At the left of the Jaleo restaurant, there is a narrow hallway with album covers lining the wall. Go down this hallway to the pizza place.

Best Spot for Breakfast: Hash House A Go Go

http://www.hashhouseagogo.com/

I am not really certain how best to describe the Hash House. The food there is incredible, and the quantities are huge. If you are a “breakfast is the most important meal of the day” type of person, this is your place. And while their ingredients are as fresh as they come, this place is not for the “healthy” types. It is always voted as one of the best breakfast spots in pretty much every location where they have a restaurant.

Best Restaurants for Those on a Budget: White Castle and Denny's at Casino Royale

http://www.whitecastlevegas.com/
http://locations.dennys.com/NV/LAS-VEGAS/200141

Probably not what you consider gourmet dining by any means, especially when there are so many awesome options in Las Vegas. But there are times that you just want to eat and then get back to the conference (or tables), and the Casino Royale, located right next to the Venetian, actually has some pretty decent low cost options. White Castle moved there a couple of years ago, and their sliders are of special renown (I personally think their crinkle cut fries are the best). The Denny’s has just been completely remodeled, and also happens to be the most profitable Denny’s in the world. Again, maybe not where you want to take a prospective customer, but a person’s gotta eat, right?

I hope these have been interesting for you. The next part of this series will be a brief list of things to see and do while at the re:Invent conference.

See ya there, and make certain to stop by the Cryptzone booth at the conference – Booth #1918

Thursday, November 17, 2016

AWS Data Compliance: 4 Tips for Decreasing Audit Times...

If you are an IT professional, chances are that you are dealing with audit and compliance pressures. I penned this blog for Cryptzone to discuss some simple ways to decrease your audit exposures in your AWS cloud.  You can find the original post here.

When we talk to customers about their greatest concerns about moving workloads to the cloud, inevitably one of the top barriers is compliance-related activities. They feel they have an understanding of the technology, how it works and how it will be implemented. But they still have concerns about how they will deal with audit / regulatory compliance issues. In addition, companies are always looking for ways to decrease the time and complexity of their audits.

The bad news is that moving workloads into the cloud will nearly always increase the complexity of an audit, thus increasing the time it takes to conduct the audit. How complex the audit will be is determined by many factors, some of which can be controlled by the enterprise, but some that are inherent to auditing in the cloud. The good news is that there are steps that a company can take to decrease the complexity of the audit, and hopefully decrease the amount of time auditors spend evaluating your cloud infrastructure.

Companies considering moving their workloads to the cloud should keep the following audit tips in mind:

1. Understand The Auditors

Before embarking on a workload migration to the cloud, a company should consult the auditors that will be evaluating the cloud environment. Many of the large auditing firms have finally released guidance about how best to implement cloud solutions, and can share the controls that they will be using to evaluate workloads in the cloud. Many times, it is far easier to implement these standards at the very start than to try to retroactively remediate a particular control.

2. Understand The Regulations

Just as it is important to understand those that will be evaluating the environment, it is also important to understand the specifics of the regulations that govern your company. For example, there may be regulations about where a company’s data can be stored (because of the sensitive nature of the data). Most of the cloud providers (including AWS) have the ability to control where workloads will be hosted, but it is important to fully understand how data locality will impact your cloud solution. AWS has already evaluated many of the common regulatory standards, and provides guidance on how best to implement a cloud solution within their environment.

3. Decrease Scope

While most auditors will never suggest that they would prefer to audit less (they are usually paid by the billable hour), they will also admit that decreasing the number of systems that are part of an audit will generally decrease the cost, time and complexity of an audit. Companies should consider how systems are connected and develop an architecture that minimizes the number of devices that are in audit scope. AppGate for AWS embraces this concept. It is a Software-Defined Perimeter solution that delivers highly granular access control, reduces audit scope and provides detailed logging of user access and activities to efficiently feed audit request data needs.

4. Tools / Logging for the Cloud

Companies should take advantage of tools and capabilities specifically designed for the cloud infrastructure to decrease audit complexity. Logging from cloud resources should be collected by a centralized and easy-to-manage log management tool. Security tools should have robust logging and event capturing capabilities. These tools should be able to correlate important events and generate reports for auditors to use as evidence of control compliance.

While certainly not a complete list, companies that use these suggestions before and after implementing their workloads in the cloud will find that their audit times will significantly decrease, and the brain damage that comes with dealing with compliance regulations will decrease as well.

As IT Professionals, regulatory compliance has become a major facet of our job responsibilities. But we should not let it intimidate us from taking advantage of the benefits of moving to the cloud.

You can find more information about Cryptzone here. The Forrester Research whitepaper “No More Chewy Centers: The Zero Trust Model of Information Security” can be found here. You can also read additional Cryptzone blogs by going here.

Tuesday, November 8, 2016

The Day After...

I was hoping this day would come. I know it is still early, but - like I said - I'm hopeful!

Thursday, November 3, 2016

Why Cloud Security Expert Christopher Steffen Joined Cryptzone...

Apart from the title being slightly self-serving, I wanted to share this first "official" blog that I wrote for my new company Cryptzone. You can see the original post here, and you can learn more about Cryptzone here. Enjoy!

Over the weekend, I shared how excited I was to join the Cryptzone team as a Technical Director. I wanted to share a few insights into my move, and why I chose Cryptzone as my new home away from home.

Technology: There are literally thousands of technology companies out there, and many of them have a focus on (or at least pay attention to) the issues that I particularly like to advocate: information security and compliance. Cryptzone is a company dedicated to these issues, and takes a unique approach to all of them. AppGate is the industry leader in the emerging Software Defined Perimeter (SDP) space, providing security solutions with identity centric security controls to the enterprise while protecting resources from internal and external threats. Security Sheriff is a product that helps enforce compliance and data security policies for many of your compliance controls. Compliance Sheriff provides users with a means to monitor online content for potential compliance issues across digital environments – keeping information safe, appropriate and within regulatory guidelines. These products are leaders in their respective spaces, used by private and public sector customers to address security and compliance needs.

Innovation: If you follow the information security industry at all, you know that there are dozens of security products to address every potential security concern an enterprise may have. Cryptzone may have been dismissed before as just another vendor in the already crowded security software space.

Until you actually look at what they do.


The Software-Defined Perimeter paradigm is a radically different approach to network and identity centric security. The entire AppGate concept is different enough – authenticating the user before they have access to ANY resources at all – that it often takes a couple of explanations to get it, even to the most seasoned security or network professional. Once they *DO* understand the concept, the first question usually is “Where has this been all my life?” I can happily share examples of the technical overview with you, but it blew my mind the first time I saw it. Enough so that I knew then that I was EXTREMELY interested in the revolution that was SDP and Cryptzone.

Message: Cryptzone is unique in the security industry. Often you hear the tales of doom and gloom that accompany most security services and product sales – buy our stuff or your company will be hacked out of existence! The fear marketing happens at nearly every company, and I guess it must work, to some extent. Cryptzone takes a different approach – providing a security solution and support to a customer partner trying to address security and compliance challenges to protect their enterprise. REFRESHING!! As an industry, I think we need to move away from the scare tactics and focus on solutions. While I was able to do this to some degree in my previous professional endeavors, Cryptzone embraces the concept.

Culture: I walked into a room with co-workers for the very first time, and the first comment that I was greeted with was “I had better step up my beard game.” No, I do not make employment decisions based on the beards in the room (though that may not be a terrible criterion), but it speaks to the welcoming and collegial atmosphere of the company. My previous professional experiences have varied – from the large, Fortune 50 technical company, to the small manufacturing company, to the small financial services company, to the public sector. Each has been different, and each has its positives and negatives.

Cryptzone is an established “start-up”, though it is different than any start-up I have seen or been a part of. It is established and funded, has mature products, industry leadership and all of the usual infrastructure that you would expect from a well-run company. Yet there is definitely a start-up vibe – excited, driven, innovative, and fun. I have been immediately embraced as a person, not just another employee, engaged at every level about my ideas and suggestions. It is the dream of every person to work in an environment where they are valued. Cryptzone convinced me of this on the very first day (actually long before that).

I blog ALL THE TIME – this is the first of MANY blogs that I will create for Cryptzone. I am planning a series on a recent Forrester Research report that you should be able to read soon, as well as thought leadership content on Cryptzone and information security topics.

You can find more information about Cryptzone here. The Forrester Research whitepaper "No More Chewy Centers: The Zero Trust Model of Information Security" can be found here. You can also read additional Cryptzone blogs by going here.