How to work with the cloud: 30 materials, practical guides and tips on PD, IB and IaaS

    Today we will talk about the features of the introduction of cloud technologies: analyze legal issues, discuss real cases. We write about this in our corporate blog and on Habré.


    / photo Atomic Taco CC


    Cases and IaaS implementation examples




    The company Jotun, engaged in the production of decorative paints, chose to migrate infrastructure to the cloud, rather than buying new hardware. Here we are talking about how their infrastructure was organized before using IaaS and what changed after the transition.




    Using the case studies of the Hotels.ru, The Travel Team and Inna-Tour companies, we find out how cloud infrastructure helps booking services arrange travel in a few minutes.




    A little bit about how automation helps to take the load off specialists in the field of financial advice and that the “Financial autopilot” working in our cloud can do.




    Here we will talk about information models and a specialized designer, which allows you to implement the concept of a virtual shipyard.




    Today IaaS goes hand in hand with e-commerce in its development. The largest retailers increasingly rely on virtual infrastructure. We understand the reasons for their transition to IaaS.




    Seasonal sales and the "influx" of buyers is a real challenge for the infrastructure of delivery services. We are talking about how IaaS helps to adapt to sudden load spikes and solve the “ last mile ” problem .


    About virtualization




    How the tool changed from version to version: what has changed, what is gone, how the tool looks today. Let's tell about Storage vMotion, SDPS, Metro vMotion, migration and encryption.




    If you have long wanted to streamline your knowledge of NetApp, this material can be a good help. This is a compact glossary of NetApp terms and definitions. We led the scheme and tried to present the essence on the basis of life examples.




    At the end of last year, Adobe released an update to Adobe Flash Player, which covered a zero-day critical vulnerability. However, this update also disrupted the vCloud Director portal. We describe the steps that will help solve the problem.




    A brief photo report of the process of unpacking the blade server Cisco UCS B480 M5, which came to us in the spring of this year.




    This article will focus on Fortinet - equipment for the protection of networks and infrastructure providers. We are talking about the "three whales" on which the security factory rests, and the main threats from which these "whales" protect.


    Legislation and IT




    From this article you will learn what laws, measures and requirements are applied in Russia to protect user data, and how this data is secured in the IaaS cloud.




    In legislative acts it is often possible to meet too broad or ambiguous concepts. This causes confusion or a vague understanding of any terms. In this material we deal with a number of basic questions and definitions.




    In continuation of the topic, we will consider the legal requirements that need to be fulfilled when processing personal data. Separately, we’ll tell you how to confirm a person’s consent to the processing of PD and in which cases it is necessary to draw up this consent in writing.




    How not to violate the law and comply with the requirements of the regulator when processing PD? What should a client know when choosing a personal data hosting service provider for FZ-152? We answer these questions in our material.




    We are talking about the right to oblivion, which the European Court adopted to oblige Google to remove from the search results false or irrelevant information about EU citizens. The article describes in detail what the right is, how it is implemented and in which countries it works.




    Continuing the topic of the right to oblivion: let's talk about the trial of two businessmen who insist on removing information about themselves from Google. Read more about the arguments of the plaintiffs and the IT giant, as well as community opinion and court verdicts, read inside.




    On March 23, 2018, a bill was passed by the US Congress, called the CLOUD Act. It allows US law enforcement agencies to gain access to users' PDs stored abroad. More information about the act and how the community and IT companies reacted to it (who approved, and who criticized), tell about the link.


    Practical tips for working with the cloud




    We understand how to safely migrate infrastructure to the cloud and how to choose a service provider. We will also talk about the features of documentation and employee training.




    How do cloud technologies help implement large international projects? We answer this question on the example of the Canadian holding company Hatch, which operates in the field of mining metallurgy and energy.


    / photo NTNU CC




    We offer a look at the Blockchain on vSphere utility “from the inside”. Let us tell you how to implement a blockchain project on the Hyperledger Fabric (also we will provide instructions for deploying Kubernetes).




    You accessed the cloud. What's next? How to connect to the cloud platform, why do you need a vCloud Director and how is it arranged? Answers to these and other questions are given in the article. After reading, you will learn how to create virtual machines yourself (from scratch or using a template).




    We are talking about the PCI DSS certification process and our own audit experience. It will be a question of four stages: preparation of documents, the organization of an infrastructure, passing of a pentest and auditor check. Note the subtleties that will help those who are going to be certified.




    Let's talk about two tools for moving the infrastructure from one cloud to another: VMware vCloud Connector and VMware vCloud Extender. And also about possible scenarios for their use.


    Information Security




    Material about the discovery of "Kaspersky Lab" - the Slingshot malware, which remained unnoticed for six years. You will learn about the history of the detection of the virus, its main components and mechanisms of operation.




    In this material we discuss the updated version of the TLS protocol: why the release was delayed for 4 years and what innovations were made in it. In particular, the discussion will deal with the “handshake” procedure, forward secrecy and 0-RTT mode.




    Here we offer an analysis of thematic article Semiconductor Engineering about the "aging" of chips in data centers. How increased warming up and increase in the workload of computing systems affect the lifetime of the chips and what can be done about it.




    We are talking about the "fall" of the popular profile platform: how two "problem" servers led to a deadlock situation and why it was not possible to determine the exact cause of the failure.




    In this article, we present the results of the global vulnerability response survey conducted by ServiceNow and the Ponemon Institute. Experts have found that hiring additional information security specialists does not lead to increased security. We explain the reasons for this paradox and give some proven tips to resolve it.




    How 2FA is implemented in the cloud environment, whether all providers provide this service and what you should pay attention to when activating this function.




    We tell why the presence of its data center is not an indicator of the reliability of an IaaS provider. We argue in favor of renting the infrastructure and prove that the construction and maintenance of our own data center often adversely affects the quality of the services provided by the cloud provider.



    PS Our other collections and digests:


    Also popular now: