Tag Archives: audits

AWS Dedicated Instances, Hypervisor Security, and Multi-tenancy

Posted on by Randy Bias

Most everyone in the blog ecosystem has missed both the point and some of the economics of AWS Dedicated Instances that were recently announced.  Folks like The Register focus on how a single virtual instance can cost $109,324 for a year … Continue reading

More on Amazon’s SAS70 Type II

Posted on by Randy Bias

Amazon hasn’t been forthcoming since my last post on their control and control objectives, which is disappointing, but expected.  I still believe that transparency here is more important than security through obscurity.  Hiding the controls and control objectives doesn’t provide … Continue reading

Why is Amazon’s SAS70 Audit Bogus?

Posted on by Randy Bias

At first glance it seems like Amazon’s recent announcement of a successful SAS70 audit is grounds for celebration[1]. Certainly it has met with fanfare on Twitter and blogs. Unfortunately, a SAS70 audit isn’t what most people think it is. Worse … Continue reading