by Stephen Kuenzli | Apr 6, 2021 | AWS, Cloud, DevOps, Infrastructure As Code, Security, Strategy, Systems
Hey – I’m back! I’ve been heads-down learning what Cloud teams need to deliver to AWS securely and make IAM usable, and building that into a business delivered via SaaS & infrastructure code libraries: k9 Security. I’d like to share my... 
by Stephen Kuenzli | May 13, 2020 | AWS, Cloud, Security
Last week I presented ‘Secure an S3 Bucket (and still use it)’ at the Phoenix DevOps meetup. I’m trying to help people understand why and how to protect every S3 bucket with data that needs to remain confidential. We hosted the meetup using Zoom.... 
by Stephen Kuenzli | Apr 10, 2020 | AWS, Cloud, Security
Securing data in S3 is a nightmare for many people. Data breaches from insecure AWS S3 buckets make the news weekly and it’s not just clickbait. AWS Simple Storage Service (S3) is the world’s most successful object storage service. It offers a wide set of... 
by Stephen Kuenzli | Apr 2, 2020 | Cloud, DevOps, Risk, Security, Strategy
Ever stared at a screenful of Cloud resources and wondered: Who owns this resource? What application does it belong to?Who should we call when the application is broken?Who should pay for this resource? Which applications are driving our costs?Do access controls... by Stephen Kuenzli | Mar 6, 2020 | DevOps, Risk, Security
I attended two and a half days of the RSA security conference last week and I’d like to share my first-timer perspective with you. Summary The opening keynote challenged Information Security to reorganize to collaborate better with users, business, risk, and IT... by Stephen Kuenzli | Feb 10, 2020 | AWS, DevOps, Risk, Security, Systems
Information Security risks are those risks “that arise from the loss of confidentiality, integrity, or availability of information or information systems and reflect the potential adverse impacts to organizational operations, organizational assets, individuals,... 