AWS in Government: myths, risks, and misconceptions

AWS in Government: myths, risks, and misconceptions

Fad1e9ed293fc5b3ec7d4abdffeb636f?s=128

Lindsay Holmwood

August 03, 2016
Tweet

Transcript

  1. Digital Transformation Office AWS in government: Risks, myths, and misconceptions

    Lindsay Holmwood Head of Development @auxesis dto.gov.au
  2. dto.gov.au Digital Transformation Office

  3. dto.gov.au We're here to make government services simpler, clearer and

    faster for everyone
  4. dto.gov.au 1/ We collaborate with agencies to transform services so

    that they meet user needs
  5. dto.gov.au 2/ We create whole-of-government platforms to support service transformation

  6. dto.gov.au 3/ We develop policies and standards to help government

    transform services consistently
  7. dto.gov.au We run EVERYTHING on AWS

  8. dto.gov.au Dev & Staging & QA & Production

  9. dto.gov.au Myths

  10. dto.gov.au “We can’t store data securely”

  11. dto.gov.au On ASD’s CCSL

  12. dto.gov.au EBS + EC2 + S3 + VPC You can

    run a lot of workloads on this.
  13. dto.gov.au ASD acknowledges risks of in-house systems

  14. dto.gov.au “Organisations need to perform a risk assessment and implement

    associated mitigations before using cloud services.” – Cloud Computer Security For Tenants, ASD
  15. dto.gov.au “Risks vary depending on factors such as the sensitivity

    and criticality of data to be stored or processed, how the cloud service is implemented and managed, how the organisation intends to use the cloud service, and challenges associated with the organisation performing timely incident detection and response.” – Cloud Computer Security For Tenants, ASD
  16. dto.gov.au “Organisations need to compare these risks against an objective

    risk assessment of using in-house computer systems which might: be poorly secured; have inadequate availability; or, be unable to meet modern business requirements.”” – Cloud Computer Security For Tenants, ASD
  17. dto.gov.au Please read: Cloud Computing Security for Tenants http://www.asd.gov.au/publications/protect/Cloud_Computing_Security_for_Tenants.pdf

  18. dto.gov.au There are strategies for making data available on AWS

  19. dto.gov.au id name email medicare Protected row ❌ Can’t store

    this on AWS
  20. dto.gov.au id name email medicare Unclassified columns ✅ Can store

    this on AWS
  21. dto.gov.au

  22. dto.gov.au Misconceptions

  23. dto.gov.au “We’ll run it like physical infrastructure”

  24. dto.gov.au *buy RIs for 3 years*

  25. dto.gov.au Yes, you’ll get a cost saving

  26. dto.gov.au BUT

  27. dto.gov.au Value of AWS is not low cost compute

  28. dto.gov.au Value of AWS is on-tap capacity

  29. dto.gov.au We can’t extract this value unless we build and

    run services like AWS recommends
  30. dto.gov.au We have to think differently about our architecture

  31. dto.gov.au Buying RIs is a risk if you don’t know

    your workloads
  32. dto.gov.au You don’t know what your workloads are going to

    be 3 years from now
  33. dto.gov.au You might: Optimise your code to run in parallel,

    across many cheaper instances
  34. dto.gov.au You might: Shift your workloads to spot instances, for

    on-demand calculations
  35. dto.gov.au How to control spend:

  36. dto.gov.au How to control spend: Start with on-demand instances

  37. dto.gov.au How to control spend: Track your spend over multiple

    months, identify instance types that are constantly used
  38. dto.gov.au How to control spend: Then buy RIs for a

    year
  39. dto.gov.au How to control spend: If you’re really keen, go

    for 3 years
  40. dto.gov.au You don’t know what your workloads are going to

    be 3 years from now
  41. dto.gov.au How to control spend: Sell unused RIs on the

    marketplace
  42. dto.gov.au Risks

  43. dto.gov.au “Our spend is getting out of control!”

  44. dto.gov.au Use sub accounts to segment and control spend

  45. dto.gov.au Logically separate services you’re delivering across accounts

  46. dto.gov.au See costs in one place

  47. dto.gov.au Reduce your cost by buying RIs and using blended

    rates
  48. dto.gov.au Handy when the service is mogged

  49. dto.gov.au Automatically shut down environments every night

  50. dto.gov.au Encourages a culture of technical resilience

  51. dto.gov.au Better security posture through short lived environments

  52. dto.gov.au *attackers are getting faster

  53. dto.gov.au “Our stuff is getting hacked!”

  54. dto.gov.au We can’t extract value from AWS unless we build

    and run services like AWS recommends
  55. dto.gov.au Extract maximum value by giving your developers AWS access

  56. dto.gov.au Give them the power to create & update &

    destroy their own environments
  57. dto.gov.au Encourages a culture of technical resilience

  58. dto.gov.au Heavily use IAM users, roles, and groups

  59. dto.gov.au BUT

  60. dto.gov.au Services and data can be accidentally exposed to the

    world
  61. None
  62. dto.gov.au Regularly & automatically audit exposed services

  63. dto.gov.au “We aren’t getting the reliability benefits!”

  64. dto.gov.au We can’t extract this value unless we build and

    run services like AWS recommends
  65. dto.gov.au Build highly reliable systems from unreliable components

  66. dto.gov.au Use autoscaling groups heavily

  67. dto.gov.au Pre-bake your applications into images

  68. dto.gov.au

  69. dto.gov.au Build a strong continuous delivery capability

  70. deploy to production acceptance tests integrate unit tests code done

    Traditional delivery Manual Manual Manual Auto
  71. deploy to production acceptance tests integrate unit tests code done

    Continuous Delivery Manual Auto Auto Auto
  72. deploy to production acceptance tests integrate unit tests code done

    Continuous Deployment Auto Auto Auto Auto
  73. dto.gov.au Everything goes to production through the pipeline

  74. 30 60 90 120 2015-10-29 2015-11-08 2015-11-16 2015-11-25 GOV.AU deploys

    over time
  75. dto.gov.au Releases are a non-event

  76. smoke tests acceptance tests integrate code done environment change deploy

    to production build images
  77. dto.gov.au Satisfy regulatory requirements more easily

  78. dto.gov.au Get scalability for free

  79. ASG environment application image instance instance instance instance instance ELB

  80. dto.gov.au Heavily restrict automation’s access with IAM

  81. dto.gov.au Ship all logs off site

  82. dto.gov.au Check out Packer & Terraform

  83. dto.gov.au Case study cloud.gov.au outage

  84. dto.gov.au

  85. dto.gov.au Time to detection: 4 minutes

  86. dto.gov.au Time to recovery: 12 minutes

  87. dto.gov.au Human intervention: 0

  88. dto.gov.au The system self-healed

  89. dto.gov.au Took longer than if we were using pure-AWS

  90. dto.gov.au It’s a tradeoff we’re willing to accept for multi-cloud

    capability
  91. dto.gov.au Principles are the same

  92. dto.gov.au The opportunity is immense

  93. dto.gov.au IaaS helps make doing the right thing easy

  94. dto.gov.au Technology is cheap, people are dear

  95. dto.gov.au IaaS eliminates classes of problems

  96. dto.gov.au IaaS frees up your teams to focus on the

    bigger picture
  97. dto.gov.au Free people up to help org learn

  98. dto.gov.au Australia can become the best in the world at

    delivering clearer, simpler, faster government services.
  99. dto.gov.au Thank you! ❤ the talk? Let @auxesis & @DTO

    know!