SlideShare a Scribd company logo

Examview cloud security summary

William McIntosh
William McIntosh
Education
1 of 4
Download to read offline
SECURITY SUMMARY Amazon Web Services (AWS) Amazon Web Services (AWS) is a leading provider of cloud-based services and solutions. There are several important reasons that Turning Technologies chose AWS to be our cloud hosting provider for the ExamView Cloud system: • Secure: In order to provide end-to-end security and end-to-end privacy, industry experts AWS build services in accordance with security best practices, provide the appropriate security features in those services, and document how to use those features. • Scalable and Elastic: Turning Technologies can quickly add and subtract AWS resources to their applications in order to meet customer demand and manage costs. We ensure our products are of the highest quality with the most responsible pricing for our clients. • Experienced: When using AWS, organizations can leverage Amazon’s leadership in the industry, with more than 15 years of experience delivering large-scale, global infrastructure in a reliable, secure fashion to some of the most prolific web-based commerce companies.
SECURITY SUMMARY Security Security is one of the fundamental design requirements of the ExamView Cloud application. This requirement is comprised of several key aspects that, when combined, create a secure system. Data Privacy The protection of customer data is a very important requirement of the ExamView Cloud system. ExamView Cloud contains Personal Identifying Information (PII) in the form of first and last name, and (potentially) student identifiers like email and ID number. In order to secure this PII data at rest, these fields are encrypted within the AWS Relational Data Store (RDS) database using industry “best practice” encryption technologies. Network Security All communication between the end user and the ExamView Cloud application is performed over the HTTPS “Secure Socket Layer” (SSL) protocol. In the event that an end user makes a regular HTTP request, ExamView Cloud will automatically rewrite the non-secure HTTP request into an HTTPS request before allowing the end user to access the information. ExamView Cloud utilizes AWS firewalls and security groups to limit communication between service layers and between individual servers. ExamView Cloud is hosted by our own Virtual Private Cloud (VPC) within the AWS infrastructure. This VPC architecture provides additional isolation for the ExamView Cloud application.4 Service Security Individual AWS services and hosted servers are secured using AWS Identity and Access Management (IAM). IAM provides a role-based system for controlling access to services and servers. The ExamView Cloud architecture utilizes IAM roles to limit the group of administrators that are authorized to sign in to the hosted services and servers. IAM roles are also utilized to control the actions that each type of hosted server is allowed to perform within the AWS service environment.5 Physical Security Physical security encompasses limiting access to actual hardware computing infrastructure. This is one of the most important tenants of application security, as a failure at this level can render security controls at other levels useless. Law #3 of the “Microsoft 10 Immutable Laws of Security” article states: “If a bad guy has unrestricted physical access to your computer, it’s not your computer anymore.”2
SECURITY SUMMARY AWS takes many steps to ensure the physical security of their data centers. The first of these measures involves “limiting knowledge of the location of the data centers to those within Amazon who have a legitimate business reason for this information.”1 For employees that are authorized to access the data center, “physical access is strictly controlled both at the perimeter and at building ingress points by professional security staff utilizing video surveillance, intrusion detection systems, and other electronic means. Authorized staff must pass two-factor authentication a minimum of two times to access data center floors. All visitors and contractors are required to present identification and are signed in and continually escorted by authorized staff. AWS only provides data center access and information to employees and contractors who have a legitimate business need for such privileges. When an employee no longer has a business need for these privileges, his or her access is immediately revoked, even if they continue to be an employee of Amazon or Amazon Web Services. All physical access to data centers by AWS employees is logged and audited routinely.”3 In addition to these access controls, AWS provides fire detection and suppression, uninterrupted power supplies, climate and temperature management and preventative building maintenance. These items are detailed in the “Amazon Web Services: Overview of Security Processes” white paper.3 Scalability Due to the often large, but always varying size of the participant user base, it is important that the ExamView Cloud application is able to scale to meet user demand. AWS provides two mechanisms that help ExamView Cloud meet this requirement. Auto Scaling Groups The ExamView Cloud application is hosted on application servers. Each application server is able to provide service to a limited number of clients. AWS Auto Scaling Groups (ASG) allow the system to automatically increase or decrease the number of available application servers to meet user demand. ASGs utilize AWS performance metrics, such as average response time, CPU utilization and request counts in order to provide a high quality of service for the user while minimizing excess capacity.6 Elastic Load Balancing The AWS Elastic Load Balancer (ELB) is an essential component of the auto scaling process. All requests that are destined for the ExamView Cloud application pass through the ELB. The ELB utilizes performance metrics to distribute the request workload amongst the available application server instances.7
SECURITY SUMMARY References 1. Varia, J. & Mathew, S. (2014, January). Overview of Amazon Web Services. Retrieved from http://media.amazonwebservices.com/AWS_Overview.pdf 2. Microsoft 10 Immutable Laws of Security. (2014, January). Technet.Microsoft.com. Retrieved from http://technet.microsoft.com/library/cc722487.aspx#EIAA 3. Amazon, Inc. (2014, November). Amazon Web Services: Overview of Security Processes. Retrieved from http://d0.awsstatic.com/whitepapers/Security/AWS%20Security%20Whitepaper.pdf 4. Amazon VPC. (2014, January). AWS.Amazon.com. Retrieved from http://aws.amazon.com/vpc/ 5. AWS Identity and Access Management (IAM). (2014, January). AWS.Amazon.com. Retrieved from http://aws.amazon.com/iam/ 6. Auto Scaling. (2014, January). AWS.Amazon.com. Retrieved from http://aws.amazon.com/autoscaling/ 7. Elastic Load Balancing. (2014, January). AWS.Amazon.com. Retrieved from http://aws.amazon.com/elasticloadbalancing/ 8. Regions and Availability Zones. (2013, October). Docs.AWS.Amazon.com. Retrieved from http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/concepts.html Reliability The ExamView Cloud application is designed to be a highly available and reliable system. ExamView Cloud utilizes multiple AWS availability zones to meet this requirement. Availability Zones Within each region, AWS offers multiple availability zones. Each availability zone is an isolated infrastructure segment that is connected via a low-latency link to the other availability zones in the region.8 In the event of an infrastructure failure, it is unlikely that the failure would affect multiple availability zones. ExamView Cloud is designed to utilize services in many different availability zones to minimize application service disruption.

Recommended

Tcp security white paper
Tcp security white paperTcp security white paper
Tcp security white paperWilliam McIntosh
 
Top 15 aws security interview questions
Top 15 aws security interview questionsTop 15 aws security interview questions
Top 15 aws security interview questionsShivamSharma909
 
Getting Started with AWS Security
Getting Started with AWS SecurityGetting Started with AWS Security
Getting Started with AWS SecurityAmazon Web Services
 
Getting Started with Cognito User Pools - September Webinar Series
Getting Started with Cognito User Pools - September Webinar SeriesGetting Started with Cognito User Pools - September Webinar Series
Getting Started with Cognito User Pools - September Webinar SeriesAmazon Web Services
 
Add User Sign in and Management to your Apps with Amazon Cognito
Add User Sign in and Management to your Apps with Amazon CognitoAdd User Sign in and Management to your Apps with Amazon Cognito
Add User Sign in and Management to your Apps with Amazon CognitoAmazon Web Services
 
Automating Compliance Defense in the Cloud - September 2016 Webinar Series
Automating Compliance Defense in the Cloud - September 2016 Webinar SeriesAutomating Compliance Defense in the Cloud - September 2016 Webinar Series
Automating Compliance Defense in the Cloud - September 2016 Webinar SeriesAmazon Web Services
 
Introduction to AWS Security
Introduction to AWS SecurityIntroduction to AWS Security
Introduction to AWS SecurityLalitMohanSharma8
 
Cloud Security Alliance's GRC Stack Overview
Cloud Security Alliance's GRC Stack OverviewCloud Security Alliance's GRC Stack Overview
Cloud Security Alliance's GRC Stack OverviewValdez Ladd MBA, CISSP, CISA,
 

Recommended

Tcp security white paper
Tcp security white paperTcp security white paper
Tcp security white paperWilliam McIntosh
 
Top 15 aws security interview questions
Top 15 aws security interview questionsTop 15 aws security interview questions
Top 15 aws security interview questionsShivamSharma909
 
Getting Started with AWS Security
Getting Started with AWS SecurityGetting Started with AWS Security
Getting Started with AWS SecurityAmazon Web Services
 
Getting Started with Cognito User Pools - September Webinar Series
Getting Started with Cognito User Pools - September Webinar SeriesGetting Started with Cognito User Pools - September Webinar Series
Getting Started with Cognito User Pools - September Webinar SeriesAmazon Web Services
 
Add User Sign in and Management to your Apps with Amazon Cognito
Add User Sign in and Management to your Apps with Amazon CognitoAdd User Sign in and Management to your Apps with Amazon Cognito
Add User Sign in and Management to your Apps with Amazon CognitoAmazon Web Services
 
Automating Compliance Defense in the Cloud - September 2016 Webinar Series
Automating Compliance Defense in the Cloud - September 2016 Webinar SeriesAutomating Compliance Defense in the Cloud - September 2016 Webinar Series
Automating Compliance Defense in the Cloud - September 2016 Webinar SeriesAmazon Web Services
 
Introduction to AWS Security
Introduction to AWS SecurityIntroduction to AWS Security
Introduction to AWS SecurityLalitMohanSharma8
 
Cloud Security Alliance's GRC Stack Overview
Cloud Security Alliance's GRC Stack OverviewCloud Security Alliance's GRC Stack Overview
Cloud Security Alliance's GRC Stack OverviewValdez Ladd MBA, CISSP, CISA,
 
Amazon Web Services Federation Integration Governance Workshop with Layer 7
Amazon Web Services Federation Integration Governance Workshop with Layer 7Amazon Web Services Federation Integration Governance Workshop with Layer 7
Amazon Web Services Federation Integration Governance Workshop with Layer 7CA API Management
 
AWS - Security and Compliance Overview
AWS - Security and Compliance OverviewAWS - Security and Compliance Overview
AWS - Security and Compliance OverviewRightScale
 
Aws security-pillar
Aws security-pillarAws security-pillar
Aws security-pillarNattawut Kongkotchawan
 
AWS Security
AWS Security AWS Security
AWS Security Magdy El-Faramawy , MBA,PMP,CISA,CM,ITIL
 
Compliance with AWS
Compliance with AWSCompliance with AWS
Compliance with AWSAmazon Web Services
 
(HLS401) Architecting for HIPAA Compliance on AWS | AWS re:Invent 2014
(HLS401) Architecting for HIPAA Compliance on AWS | AWS re:Invent 2014(HLS401) Architecting for HIPAA Compliance on AWS | AWS re:Invent 2014
(HLS401) Architecting for HIPAA Compliance on AWS | AWS re:Invent 2014Amazon Web Services
 
Blue Chip Tek Connect and Protect Presentation #3
Blue Chip Tek Connect and Protect Presentation #3Blue Chip Tek Connect and Protect Presentation #3
Blue Chip Tek Connect and Protect Presentation #3Kimberly Macias
 
Cloud Security, Risk and Compliance on AWS
Cloud Security, Risk and Compliance on AWSCloud Security, Risk and Compliance on AWS
Cloud Security, Risk and Compliance on AWSKarim Hopper
 
Architecting for Greater Security - London Summit Enteprise Track RePlay
Architecting for Greater Security - London Summit Enteprise Track RePlayArchitecting for Greater Security - London Summit Enteprise Track RePlay
Architecting for Greater Security - London Summit Enteprise Track RePlayAmazon Web Services
 
1. aws security and compliance wwps pre-day sao paolo - markry
1. aws security and compliance wwps pre-day sao paolo - markry1. aws security and compliance wwps pre-day sao paolo - markry
1. aws security and compliance wwps pre-day sao paolo - markryAmazon Web Services LATAM
 
Identity in the cloud using Microsoft
Identity in the cloud using MicrosoftIdentity in the cloud using Microsoft
Identity in the cloud using MicrosoftOrbit One - We create coherence
 
Azure media services
Azure media servicesAzure media services
Azure media servicesRaju Kumar
 
Managing the Life Cycle of IT Products
Managing the Life Cycle of IT ProductsManaging the Life Cycle of IT Products
Managing the Life Cycle of IT ProductsAmazon Web Services
 
AWS Webcast - Top 3 Ways to Improve Web App Security
AWS Webcast - Top 3 Ways to Improve Web App SecurityAWS Webcast - Top 3 Ways to Improve Web App Security
AWS Webcast - Top 3 Ways to Improve Web App SecurityAmazon Web Services
 
Azure appservice
Azure appserviceAzure appservice
Azure appserviceRaju Kumar
 
Getting Started with your User Pools in Amazon Cognito - AWS June 2016 Webina...
Getting Started with your User Pools in Amazon Cognito - AWS June 2016 Webina...Getting Started with your User Pools in Amazon Cognito - AWS June 2016 Webina...
Getting Started with your User Pools in Amazon Cognito - AWS June 2016 Webina...Amazon Web Services
 
ADFS + IAM
ADFS + IAMADFS + IAM
ADFS + IAMRichard Harvey
 
AWS Security Best Practices, SaaS and Compliance
AWS Security Best Practices, SaaS and ComplianceAWS Security Best Practices, SaaS and Compliance
AWS Security Best Practices, SaaS and ComplianceGaurav "GP" Pal
 
Security compute services_whitepaper
Security compute services_whitepaperSecurity compute services_whitepaper
Security compute services_whitepapersaifam
 
Microsoft Azure Security Overview
Microsoft Azure Security OverviewMicrosoft Azure Security Overview
Microsoft Azure Security OverviewAlert Logic
 
Solar System And Stars
Solar System And StarsSolar System And Stars
Solar System And StarsWilliam McIntosh
 
Ed tech-infographic
Ed tech-infographicEd tech-infographic
Ed tech-infographicWilliam McIntosh
 

More Related Content

What's hot

Amazon Web Services Federation Integration Governance Workshop with Layer 7
Amazon Web Services Federation Integration Governance Workshop with Layer 7Amazon Web Services Federation Integration Governance Workshop with Layer 7
Amazon Web Services Federation Integration Governance Workshop with Layer 7CA API Management
 
AWS - Security and Compliance Overview
AWS - Security and Compliance OverviewAWS - Security and Compliance Overview
AWS - Security and Compliance OverviewRightScale
 
(HLS401) Architecting for HIPAA Compliance on AWS | AWS re:Invent 2014
(HLS401) Architecting for HIPAA Compliance on AWS | AWS re:Invent 2014(HLS401) Architecting for HIPAA Compliance on AWS | AWS re:Invent 2014
(HLS401) Architecting for HIPAA Compliance on AWS | AWS re:Invent 2014Amazon Web Services
 
Blue Chip Tek Connect and Protect Presentation #3
Blue Chip Tek Connect and Protect Presentation #3Blue Chip Tek Connect and Protect Presentation #3
Blue Chip Tek Connect and Protect Presentation #3Kimberly Macias
 
Cloud Security, Risk and Compliance on AWS
Cloud Security, Risk and Compliance on AWSCloud Security, Risk and Compliance on AWS
Cloud Security, Risk and Compliance on AWSKarim Hopper
 
Architecting for Greater Security - London Summit Enteprise Track RePlay
Architecting for Greater Security - London Summit Enteprise Track RePlayArchitecting for Greater Security - London Summit Enteprise Track RePlay
Architecting for Greater Security - London Summit Enteprise Track RePlayAmazon Web Services
 
1. aws security and compliance wwps pre-day sao paolo - markry
1. aws security and compliance wwps pre-day sao paolo - markry1. aws security and compliance wwps pre-day sao paolo - markry
1. aws security and compliance wwps pre-day sao paolo - markryAmazon Web Services LATAM
 
Azure media services
Azure media servicesAzure media services
Azure media servicesRaju Kumar
 
Managing the Life Cycle of IT Products
Managing the Life Cycle of IT ProductsManaging the Life Cycle of IT Products
Managing the Life Cycle of IT ProductsAmazon Web Services
 
AWS Webcast - Top 3 Ways to Improve Web App Security
AWS Webcast - Top 3 Ways to Improve Web App SecurityAWS Webcast - Top 3 Ways to Improve Web App Security
AWS Webcast - Top 3 Ways to Improve Web App SecurityAmazon Web Services
 
Azure appservice
Azure appserviceAzure appservice
Azure appserviceRaju Kumar
 
Getting Started with your User Pools in Amazon Cognito - AWS June 2016 Webina...
Getting Started with your User Pools in Amazon Cognito - AWS June 2016 Webina...Getting Started with your User Pools in Amazon Cognito - AWS June 2016 Webina...
Getting Started with your User Pools in Amazon Cognito - AWS June 2016 Webina...Amazon Web Services
 
AWS Security Best Practices, SaaS and Compliance
AWS Security Best Practices, SaaS and ComplianceAWS Security Best Practices, SaaS and Compliance
AWS Security Best Practices, SaaS and ComplianceGaurav "GP" Pal
 
Security compute services_whitepaper
Security compute services_whitepaperSecurity compute services_whitepaper
Security compute services_whitepapersaifam
 
Microsoft Azure Security Overview
Microsoft Azure Security OverviewMicrosoft Azure Security Overview
Microsoft Azure Security OverviewAlert Logic
 

What's hot (20)

Amazon Web Services Federation Integration Governance Workshop with Layer 7
Amazon Web Services Federation Integration Governance Workshop with Layer 7Amazon Web Services Federation Integration Governance Workshop with Layer 7
Amazon Web Services Federation Integration Governance Workshop with Layer 7
 
AWS - Security and Compliance Overview
AWS - Security and Compliance OverviewAWS - Security and Compliance Overview
AWS - Security and Compliance Overview
 
Aws security-pillar
Aws security-pillarAws security-pillar
Aws security-pillar
 
AWS Security
AWS Security AWS Security
AWS Security
 
Compliance with AWS
Compliance with AWSCompliance with AWS
Compliance with AWS
 
(HLS401) Architecting for HIPAA Compliance on AWS | AWS re:Invent 2014
(HLS401) Architecting for HIPAA Compliance on AWS | AWS re:Invent 2014(HLS401) Architecting for HIPAA Compliance on AWS | AWS re:Invent 2014
(HLS401) Architecting for HIPAA Compliance on AWS | AWS re:Invent 2014
 
Blue Chip Tek Connect and Protect Presentation #3
Blue Chip Tek Connect and Protect Presentation #3Blue Chip Tek Connect and Protect Presentation #3
Blue Chip Tek Connect and Protect Presentation #3
 
Cloud Security, Risk and Compliance on AWS
Cloud Security, Risk and Compliance on AWSCloud Security, Risk and Compliance on AWS
Cloud Security, Risk and Compliance on AWS
 
Architecting for Greater Security - London Summit Enteprise Track RePlay
Architecting for Greater Security - London Summit Enteprise Track RePlayArchitecting for Greater Security - London Summit Enteprise Track RePlay
Architecting for Greater Security - London Summit Enteprise Track RePlay
 
1. aws security and compliance wwps pre-day sao paolo - markry
1. aws security and compliance wwps pre-day sao paolo - markry1. aws security and compliance wwps pre-day sao paolo - markry
1. aws security and compliance wwps pre-day sao paolo - markry
 
Identity in the cloud using Microsoft
Identity in the cloud using MicrosoftIdentity in the cloud using Microsoft
Identity in the cloud using Microsoft
 
Azure media services
Azure media servicesAzure media services
Azure media services
 
Managing the Life Cycle of IT Products
Managing the Life Cycle of IT ProductsManaging the Life Cycle of IT Products
Managing the Life Cycle of IT Products
 
AWS Webcast - Top 3 Ways to Improve Web App Security
AWS Webcast - Top 3 Ways to Improve Web App SecurityAWS Webcast - Top 3 Ways to Improve Web App Security
AWS Webcast - Top 3 Ways to Improve Web App Security
 
Azure appservice
Azure appserviceAzure appservice
Azure appservice
 
Getting Started with your User Pools in Amazon Cognito - AWS June 2016 Webina...
Getting Started with your User Pools in Amazon Cognito - AWS June 2016 Webina...Getting Started with your User Pools in Amazon Cognito - AWS June 2016 Webina...
Getting Started with your User Pools in Amazon Cognito - AWS June 2016 Webina...
 
ADFS + IAM
ADFS + IAMADFS + IAM
ADFS + IAM
 
AWS Security Best Practices, SaaS and Compliance
AWS Security Best Practices, SaaS and ComplianceAWS Security Best Practices, SaaS and Compliance
AWS Security Best Practices, SaaS and Compliance
 
Security compute services_whitepaper
Security compute services_whitepaperSecurity compute services_whitepaper
Security compute services_whitepaper
 
Microsoft Azure Security Overview
Microsoft Azure Security OverviewMicrosoft Azure Security Overview
Microsoft Azure Security Overview
 

Viewers also liked

Exam view dynamic recalculation files
Exam view dynamic recalculation filesExam view dynamic recalculation files
Exam view dynamic recalculation filesWilliam McIntosh
 
Cps for powerpoint:mac user guide
Cps for powerpoint:mac user guideCps for powerpoint:mac user guide
Cps for powerpoint:mac user guideWilliam McIntosh
 
Roscoe's ox swamp adventure
Roscoe's ox swamp adventureRoscoe's ox swamp adventure
Roscoe's ox swamp adventureWilliam McIntosh
 
Literary terms-power point-free
Literary terms-power point-freeLiterary terms-power point-free
Literary terms-power point-freeWilliam McIntosh
 

Viewers also liked (9)

Solar System And Stars
Solar System And StarsSolar System And Stars
Solar System And Stars
 
Ed tech-infographic
Ed tech-infographicEd tech-infographic
Ed tech-infographic
 
Exam view dynamic recalculation files
Exam view dynamic recalculation filesExam view dynamic recalculation files
Exam view dynamic recalculation files
 
Cps for powerpoint:mac user guide
Cps for powerpoint:mac user guideCps for powerpoint:mac user guide
Cps for powerpoint:mac user guide
 
Roscoe's ox swamp adventure
Roscoe's ox swamp adventureRoscoe's ox swamp adventure
Roscoe's ox swamp adventure
 
Star trek triva
Star trek trivaStar trek triva
Star trek triva
 
Cps for mac user guide
Cps for mac user guideCps for mac user guide
Cps for mac user guide
 
Literary terms-power point-free
Literary terms-power point-freeLiterary terms-power point-free
Literary terms-power point-free
 
Fire Egress Training
Fire Egress TrainingFire Egress Training
Fire Egress Training
 

Similar to Examview cloud security summary

Automating Compliance Defense in the Cloud - Toronto FSI Symposium - October ...
Automating Compliance Defense in the Cloud - Toronto FSI Symposium - October ...Automating Compliance Defense in the Cloud - Toronto FSI Symposium - October ...
Automating Compliance Defense in the Cloud - Toronto FSI Symposium - October ...Amazon Web Services
 
Aws security-pillar
Aws security-pillarAws security-pillar
Aws security-pillarsaifam
 
Aws auditing security_checklist
Aws auditing security_checklistAws auditing security_checklist
Aws auditing security_checklistsaifam
 
Amazon Web Services: Overview of Security Processes
Amazon Web Services: Overview of Security ProcessesAmazon Web Services: Overview of Security Processes
Amazon Web Services: Overview of Security Processeswhite paper
 
Security and Compliance Better on AWS_John Hildebrandt
Security and Compliance Better on AWS_John HildebrandtSecurity and Compliance Better on AWS_John Hildebrandt
Security and Compliance Better on AWS_John HildebrandtHelen Rogers
 
Best Practices for Security at Scale
Best Practices for Security at ScaleBest Practices for Security at Scale
Best Practices for Security at ScaleAmazon Web Services
 
Sicurezza e Compliance nel Cloud
Sicurezza e Compliance nel CloudSicurezza e Compliance nel Cloud
Sicurezza e Compliance nel CloudAmazon Web Services
 
Automating nist 800 171 compliance in AWS Govcloud (US)
Automating nist 800 171 compliance in AWS Govcloud (US)Automating nist 800 171 compliance in AWS Govcloud (US)
Automating nist 800 171 compliance in AWS Govcloud (US)Amazon Web Services
 
CSS17: Atlanta - The AWS Shared Responsibility Model in Practice
CSS17: Atlanta - The AWS Shared Responsibility Model in Practice CSS17: Atlanta - The AWS Shared Responsibility Model in Practice
CSS17: Atlanta - The AWS Shared Responsibility Model in Practice Alert Logic
 
Research paper.pptx
Research paper.pptxResearch paper.pptx
Research paper.pptxShibiApp
 
DEVELOPING APPLICATION FOR CLOUD – A PROGRAMMER’S PERSPECTIVE
DEVELOPING APPLICATION FOR CLOUD – A PROGRAMMER’S PERSPECTIVEDEVELOPING APPLICATION FOR CLOUD – A PROGRAMMER’S PERSPECTIVE
DEVELOPING APPLICATION FOR CLOUD – A PROGRAMMER’S PERSPECTIVEcscpconf
 
CLOUD COMPUTING.pptx
CLOUD COMPUTING.pptxCLOUD COMPUTING.pptx
CLOUD COMPUTING.pptxghadiv05
 
AWS Innovate Ottawa: Security & Compliance
AWS Innovate Ottawa: Security & ComplianceAWS Innovate Ottawa: Security & Compliance
AWS Innovate Ottawa: Security & ComplianceAmazon Web Services
 
Getting Started with AWS Security
Getting Started with AWS SecurityGetting Started with AWS Security
Getting Started with AWS SecurityAmazon Web Services
 
Managing Security with AWS | AWS Public Sector Summit 2017
Managing Security with AWS | AWS Public Sector Summit 2017Managing Security with AWS | AWS Public Sector Summit 2017
Managing Security with AWS | AWS Public Sector Summit 2017Amazon Web Services
 
Accelerating cloud adoption for your regulated workloads - AWS PS Summit Canb...
Accelerating cloud adoption for your regulated workloads - AWS PS Summit Canb...Accelerating cloud adoption for your regulated workloads - AWS PS Summit Canb...
Accelerating cloud adoption for your regulated workloads - AWS PS Summit Canb...Amazon Web Services
 
Journey Through the Cloud - Security Best Practices on AWS
Journey Through the Cloud - Security Best Practices on AWSJourney Through the Cloud - Security Best Practices on AWS
Journey Through the Cloud - Security Best Practices on AWSAmazon Web Services
 
AWS Shared Responsibility Model & Compliance Program Overview
AWS Shared Responsibility Model & Compliance Program OverviewAWS Shared Responsibility Model & Compliance Program Overview
AWS Shared Responsibility Model & Compliance Program OverviewAmazon Web Services
 

Similar to Examview cloud security summary (20)

Automating Compliance Defense in the Cloud - Toronto FSI Symposium - October ...
Automating Compliance Defense in the Cloud - Toronto FSI Symposium - October ...Automating Compliance Defense in the Cloud - Toronto FSI Symposium - October ...
Automating Compliance Defense in the Cloud - Toronto FSI Symposium - October ...
 
Aws security-pillar
Aws security-pillarAws security-pillar
Aws security-pillar
 
Aws auditing security_checklist
Aws auditing security_checklistAws auditing security_checklist
Aws auditing security_checklist
 
Amazon Web Services: Overview of Security Processes
Amazon Web Services: Overview of Security ProcessesAmazon Web Services: Overview of Security Processes
Amazon Web Services: Overview of Security Processes
 
Security & Compliance in AWS
Security & Compliance in AWSSecurity & Compliance in AWS
Security & Compliance in AWS
 
Security and Compliance Better on AWS_John Hildebrandt
Security and Compliance Better on AWS_John HildebrandtSecurity and Compliance Better on AWS_John Hildebrandt
Security and Compliance Better on AWS_John Hildebrandt
 
Best Practices for Security at Scale
Best Practices for Security at ScaleBest Practices for Security at Scale
Best Practices for Security at Scale
 
Sicurezza e Compliance nel Cloud
Sicurezza e Compliance nel CloudSicurezza e Compliance nel Cloud
Sicurezza e Compliance nel Cloud
 
Automating nist 800 171 compliance in AWS Govcloud (US)
Automating nist 800 171 compliance in AWS Govcloud (US)Automating nist 800 171 compliance in AWS Govcloud (US)
Automating nist 800 171 compliance in AWS Govcloud (US)
 
CSS17: Atlanta - The AWS Shared Responsibility Model in Practice
CSS17: Atlanta - The AWS Shared Responsibility Model in Practice CSS17: Atlanta - The AWS Shared Responsibility Model in Practice
CSS17: Atlanta - The AWS Shared Responsibility Model in Practice
 
Research paper.pptx
Research paper.pptxResearch paper.pptx
Research paper.pptx
 
DEVELOPING APPLICATION FOR CLOUD – A PROGRAMMER’S PERSPECTIVE
DEVELOPING APPLICATION FOR CLOUD – A PROGRAMMER’S PERSPECTIVEDEVELOPING APPLICATION FOR CLOUD – A PROGRAMMER’S PERSPECTIVE
DEVELOPING APPLICATION FOR CLOUD – A PROGRAMMER’S PERSPECTIVE
 
CLOUD COMPUTING.pptx
CLOUD COMPUTING.pptxCLOUD COMPUTING.pptx
CLOUD COMPUTING.pptx
 
Security and compliance
Security and complianceSecurity and compliance
Security and compliance
 
AWS Innovate Ottawa: Security & Compliance
AWS Innovate Ottawa: Security & ComplianceAWS Innovate Ottawa: Security & Compliance
AWS Innovate Ottawa: Security & Compliance
 
Getting Started with AWS Security
Getting Started with AWS SecurityGetting Started with AWS Security
Getting Started with AWS Security
 
Managing Security with AWS | AWS Public Sector Summit 2017
Managing Security with AWS | AWS Public Sector Summit 2017Managing Security with AWS | AWS Public Sector Summit 2017
Managing Security with AWS | AWS Public Sector Summit 2017
 
Accelerating cloud adoption for your regulated workloads - AWS PS Summit Canb...
Accelerating cloud adoption for your regulated workloads - AWS PS Summit Canb...Accelerating cloud adoption for your regulated workloads - AWS PS Summit Canb...
Accelerating cloud adoption for your regulated workloads - AWS PS Summit Canb...
 
Journey Through the Cloud - Security Best Practices on AWS
Journey Through the Cloud - Security Best Practices on AWSJourney Through the Cloud - Security Best Practices on AWS
Journey Through the Cloud - Security Best Practices on AWS
 
AWS Shared Responsibility Model & Compliance Program Overview
AWS Shared Responsibility Model & Compliance Program OverviewAWS Shared Responsibility Model & Compliance Program Overview
AWS Shared Responsibility Model & Compliance Program Overview
 

More from William McIntosh

K12 Examview Cloud webinar
K12 Examview Cloud webinarK12 Examview Cloud webinar
K12 Examview Cloud webinarWilliam McIntosh
 
Buy3 get1freeiwb special spring 2016
Buy3 get1freeiwb special spring 2016Buy3 get1freeiwb special spring 2016
Buy3 get1freeiwb special spring 2016William McIntosh
 
Cc special i360cmobileqt-spring 2016
Cc special i360cmobileqt-spring 2016Cc special i360cmobileqt-spring 2016
Cc special i360cmobileqt-spring 2016William McIntosh
 
Turning Point Lite for Smart Notebook
Turning Point Lite for Smart NotebookTurning Point Lite for Smart Notebook
Turning Point Lite for Smart NotebookWilliam McIntosh
 
What is turning point cloud for k 12?
What is turning point cloud for k 12?What is turning point cloud for k 12?
What is turning point cloud for k 12?William McIntosh
 
Turning point cloud promo with pricing
Turning point cloud promo with pricingTurning point cloud promo with pricing
Turning point cloud promo with pricingWilliam McIntosh
 
Buy3 get1free Interactive Whiteboard Special
Buy3 get1free Interactive Whiteboard SpecialBuy3 get1free Interactive Whiteboard Special
Buy3 get1free Interactive Whiteboard SpecialWilliam McIntosh
 
Say hello to examview cloud
Say hello to examview cloudSay hello to examview cloud
Say hello to examview cloudWilliam McIntosh
 
I360 cloud casestudy lawson
I360 cloud casestudy lawsonI360 cloud casestudy lawson
I360 cloud casestudy lawsonWilliam McIntosh
 

More from William McIntosh (20)

K12 Examview Cloud webinar
K12 Examview Cloud webinarK12 Examview Cloud webinar
K12 Examview Cloud webinar
 
Buy3 get1freeiwb special spring 2016
Buy3 get1freeiwb special spring 2016Buy3 get1freeiwb special spring 2016
Buy3 get1freeiwb special spring 2016
 
I360 c mobile-spring 2016
I360 c mobile-spring 2016I360 c mobile-spring 2016
I360 c mobile-spring 2016
 
Cc special i360cmobileqt-spring 2016
Cc special i360cmobileqt-spring 2016Cc special i360cmobileqt-spring 2016
Cc special i360cmobileqt-spring 2016
 
I360 cloud 2016
I360 cloud 2016I360 cloud 2016
I360 cloud 2016
 
Turning Point Lite for Smart Notebook
Turning Point Lite for Smart NotebookTurning Point Lite for Smart Notebook
Turning Point Lite for Smart Notebook
 
Ev assessment suite 2016
Ev assessment suite 2016Ev assessment suite 2016
Ev assessment suite 2016
 
K12 update-i360c
K12 update-i360cK12 update-i360c
K12 update-i360c
 
Bill McIntosh, itutor
Bill McIntosh, itutorBill McIntosh, itutor
Bill McIntosh, itutor
 
Work space sales flyer
Work space sales flyerWork space sales flyer
Work space sales flyer
 
Eitt product brochure
Eitt product brochureEitt product brochure
Eitt product brochure
 
What is turning point cloud for k 12?
What is turning point cloud for k 12?What is turning point cloud for k 12?
What is turning point cloud for k 12?
 
Turning point cloud promo with pricing
Turning point cloud promo with pricingTurning point cloud promo with pricing
Turning point cloud promo with pricing
 
I360 cloud mobile special
I360 cloud mobile specialI360 cloud mobile special
I360 cloud mobile special
 
Buy3 get1free Interactive Whiteboard Special
Buy3 get1free Interactive Whiteboard SpecialBuy3 get1free Interactive Whiteboard Special
Buy3 get1free Interactive Whiteboard Special
 
Exanview learning series
Exanview learning seriesExanview learning series
Exanview learning series
 
Say hello to examview cloud
Say hello to examview cloudSay hello to examview cloud
Say hello to examview cloud
 
Cc special i360cmobile qt
Cc special i360cmobile qtCc special i360cmobile qt
Cc special i360cmobile qt
 
Cc special i360cmobilenxt
Cc special i360cmobilenxtCc special i360cmobilenxt
Cc special i360cmobilenxt
 
I360 cloud casestudy lawson
I360 cloud casestudy lawsonI360 cloud casestudy lawson
I360 cloud casestudy lawson
 

Recently uploaded

POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptxPOINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptxSayali Powar
 
Presiding Officer Training module 2024 lok sabha elections
Presiding Officer Training module 2024 lok sabha electionsPresiding Officer Training module 2024 lok sabha elections
Presiding Officer Training module 2024 lok sabha electionsanshu789521
 
Employee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptxEmployee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptxNirmalaLoungPoorunde1
 
Framing an Appropriate Research Question 6b9b26d93da94caf993c038d9efcdedb.pdf
Framing an Appropriate Research Question 6b9b26d93da94caf993c038d9efcdedb.pdfFraming an Appropriate Research Question 6b9b26d93da94caf993c038d9efcdedb.pdf
Framing an Appropriate Research Question 6b9b26d93da94caf993c038d9efcdedb.pdfUjwalaBharambe
 
Painted Grey Ware.pptx, PGW Culture of India
Painted Grey Ware.pptx, PGW Culture of IndiaPainted Grey Ware.pptx, PGW Culture of India
Painted Grey Ware.pptx, PGW Culture of IndiaVirag Sontakke
 
Full Stack Web Development Course for Beginners
Full Stack Web Development Course for BeginnersFull Stack Web Development Course for Beginners
Full Stack Web Development Course for BeginnersSabitha Banu
 
Alper Gobel In Media Res Media Component
Alper Gobel In Media Res Media ComponentAlper Gobel In Media Res Media Component
Alper Gobel In Media Res Media ComponentInMediaRes1
 
Final demo Grade 9 for demo Plan dessert.pptx
Final demo Grade 9 for demo Plan dessert.pptxFinal demo Grade 9 for demo Plan dessert.pptx
Final demo Grade 9 for demo Plan dessert.pptxAvyJaneVismanos
 
Incoming and Outgoing Shipments in 1 STEP Using Odoo 17
Incoming and Outgoing Shipments in 1 STEP Using Odoo 17Incoming and Outgoing Shipments in 1 STEP Using Odoo 17
Incoming and Outgoing Shipments in 1 STEP Using Odoo 17Celine George
 
Enzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdf
Enzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdfEnzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdf
Enzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdfSumit Tiwari
 
Meghan Sutherland In Media Res Media Component
Meghan Sutherland In Media Res Media ComponentMeghan Sutherland In Media Res Media Component
Meghan Sutherland In Media Res Media ComponentInMediaRes1
 
Biting mechanism of poisonous snakes.pdf
Biting mechanism of poisonous snakes.pdfBiting mechanism of poisonous snakes.pdf
Biting mechanism of poisonous snakes.pdfadityarao40181
 
Roles & Responsibilities in Pharmacovigilance
Roles & Responsibilities in PharmacovigilanceRoles & Responsibilities in Pharmacovigilance
Roles & Responsibilities in PharmacovigilanceSamikshaHamane
 
Proudly South Africa powerpoint Thorisha.pptx
Proudly South Africa powerpoint Thorisha.pptxProudly South Africa powerpoint Thorisha.pptx
Proudly South Africa powerpoint Thorisha.pptxthorishapillay1
 
Interactive Powerpoint_How to Master effective communication
Interactive Powerpoint_How to Master effective communicationInteractive Powerpoint_How to Master effective communication
Interactive Powerpoint_How to Master effective communicationnomboosow
 
History Class XII Ch. 3 Kinship, Caste and Class (1).pptx
History Class XII Ch. 3 Kinship, Caste and Class (1).pptxHistory Class XII Ch. 3 Kinship, Caste and Class (1).pptx
History Class XII Ch. 3 Kinship, Caste and Class (1).pptxsocialsciencegdgrohi
 
How to Configure Email Server in Odoo 17
How to Configure Email Server in Odoo 17How to Configure Email Server in Odoo 17
How to Configure Email Server in Odoo 17Celine George
 

Recently uploaded (20)

Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝
 
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptxPOINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
 
Presiding Officer Training module 2024 lok sabha elections
Presiding Officer Training module 2024 lok sabha electionsPresiding Officer Training module 2024 lok sabha elections
Presiding Officer Training module 2024 lok sabha elections
 
Employee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptxEmployee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptx
 
Framing an Appropriate Research Question 6b9b26d93da94caf993c038d9efcdedb.pdf
Framing an Appropriate Research Question 6b9b26d93da94caf993c038d9efcdedb.pdfFraming an Appropriate Research Question 6b9b26d93da94caf993c038d9efcdedb.pdf
Framing an Appropriate Research Question 6b9b26d93da94caf993c038d9efcdedb.pdf
 
Painted Grey Ware.pptx, PGW Culture of India
Painted Grey Ware.pptx, PGW Culture of IndiaPainted Grey Ware.pptx, PGW Culture of India
Painted Grey Ware.pptx, PGW Culture of India
 
Full Stack Web Development Course for Beginners
Full Stack Web Development Course for BeginnersFull Stack Web Development Course for Beginners
Full Stack Web Development Course for Beginners
 
Alper Gobel In Media Res Media Component
Alper Gobel In Media Res Media ComponentAlper Gobel In Media Res Media Component
Alper Gobel In Media Res Media Component
 
Final demo Grade 9 for demo Plan dessert.pptx
Final demo Grade 9 for demo Plan dessert.pptxFinal demo Grade 9 for demo Plan dessert.pptx
Final demo Grade 9 for demo Plan dessert.pptx
 
Incoming and Outgoing Shipments in 1 STEP Using Odoo 17
Incoming and Outgoing Shipments in 1 STEP Using Odoo 17Incoming and Outgoing Shipments in 1 STEP Using Odoo 17
Incoming and Outgoing Shipments in 1 STEP Using Odoo 17
 
Enzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdf
Enzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdfEnzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdf
Enzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdf
 
Meghan Sutherland In Media Res Media Component
Meghan Sutherland In Media Res Media ComponentMeghan Sutherland In Media Res Media Component
Meghan Sutherland In Media Res Media Component
 
OS-operating systems- ch04 (Threads) ...
OS-operating systems- ch04 (Threads) ...OS-operating systems- ch04 (Threads) ...
OS-operating systems- ch04 (Threads) ...
 
Biting mechanism of poisonous snakes.pdf
Biting mechanism of poisonous snakes.pdfBiting mechanism of poisonous snakes.pdf
Biting mechanism of poisonous snakes.pdf
 
Roles & Responsibilities in Pharmacovigilance
Roles & Responsibilities in PharmacovigilanceRoles & Responsibilities in Pharmacovigilance
Roles & Responsibilities in Pharmacovigilance
 
Proudly South Africa powerpoint Thorisha.pptx
Proudly South Africa powerpoint Thorisha.pptxProudly South Africa powerpoint Thorisha.pptx
Proudly South Africa powerpoint Thorisha.pptx
 
Interactive Powerpoint_How to Master effective communication
Interactive Powerpoint_How to Master effective communicationInteractive Powerpoint_How to Master effective communication
Interactive Powerpoint_How to Master effective communication
 
History Class XII Ch. 3 Kinship, Caste and Class (1).pptx
History Class XII Ch. 3 Kinship, Caste and Class (1).pptxHistory Class XII Ch. 3 Kinship, Caste and Class (1).pptx
History Class XII Ch. 3 Kinship, Caste and Class (1).pptx
 
TataKelola dan KamSiber Kecerdasan Buatan v022.pdf
TataKelola dan KamSiber Kecerdasan Buatan v022.pdfTataKelola dan KamSiber Kecerdasan Buatan v022.pdf
TataKelola dan KamSiber Kecerdasan Buatan v022.pdf
 
How to Configure Email Server in Odoo 17
How to Configure Email Server in Odoo 17How to Configure Email Server in Odoo 17
How to Configure Email Server in Odoo 17
 

Examview cloud security summary

  • 1. SECURITY SUMMARY Amazon Web Services (AWS) Amazon Web Services (AWS) is a leading provider of cloud-based services and solutions. There are several important reasons that Turning Technologies chose AWS to be our cloud hosting provider for the ExamView Cloud system: • Secure: In order to provide end-to-end security and end-to-end privacy, industry experts AWS build services in accordance with security best practices, provide the appropriate security features in those services, and document how to use those features. • Scalable and Elastic: Turning Technologies can quickly add and subtract AWS resources to their applications in order to meet customer demand and manage costs. We ensure our products are of the highest quality with the most responsible pricing for our clients. • Experienced: When using AWS, organizations can leverage Amazon’s leadership in the industry, with more than 15 years of experience delivering large-scale, global infrastructure in a reliable, secure fashion to some of the most prolific web-based commerce companies.
  • 2. SECURITY SUMMARY Security Security is one of the fundamental design requirements of the ExamView Cloud application. This requirement is comprised of several key aspects that, when combined, create a secure system. Data Privacy The protection of customer data is a very important requirement of the ExamView Cloud system. ExamView Cloud contains Personal Identifying Information (PII) in the form of first and last name, and (potentially) student identifiers like email and ID number. In order to secure this PII data at rest, these fields are encrypted within the AWS Relational Data Store (RDS) database using industry “best practice” encryption technologies. Network Security All communication between the end user and the ExamView Cloud application is performed over the HTTPS “Secure Socket Layer” (SSL) protocol. In the event that an end user makes a regular HTTP request, ExamView Cloud will automatically rewrite the non-secure HTTP request into an HTTPS request before allowing the end user to access the information. ExamView Cloud utilizes AWS firewalls and security groups to limit communication between service layers and between individual servers. ExamView Cloud is hosted by our own Virtual Private Cloud (VPC) within the AWS infrastructure. This VPC architecture provides additional isolation for the ExamView Cloud application.4 Service Security Individual AWS services and hosted servers are secured using AWS Identity and Access Management (IAM). IAM provides a role-based system for controlling access to services and servers. The ExamView Cloud architecture utilizes IAM roles to limit the group of administrators that are authorized to sign in to the hosted services and servers. IAM roles are also utilized to control the actions that each type of hosted server is allowed to perform within the AWS service environment.5 Physical Security Physical security encompasses limiting access to actual hardware computing infrastructure. This is one of the most important tenants of application security, as a failure at this level can render security controls at other levels useless. Law #3 of the “Microsoft 10 Immutable Laws of Security” article states: “If a bad guy has unrestricted physical access to your computer, it’s not your computer anymore.”2
  • 3. SECURITY SUMMARY AWS takes many steps to ensure the physical security of their data centers. The first of these measures involves “limiting knowledge of the location of the data centers to those within Amazon who have a legitimate business reason for this information.”1 For employees that are authorized to access the data center, “physical access is strictly controlled both at the perimeter and at building ingress points by professional security staff utilizing video surveillance, intrusion detection systems, and other electronic means. Authorized staff must pass two-factor authentication a minimum of two times to access data center floors. All visitors and contractors are required to present identification and are signed in and continually escorted by authorized staff. AWS only provides data center access and information to employees and contractors who have a legitimate business need for such privileges. When an employee no longer has a business need for these privileges, his or her access is immediately revoked, even if they continue to be an employee of Amazon or Amazon Web Services. All physical access to data centers by AWS employees is logged and audited routinely.”3 In addition to these access controls, AWS provides fire detection and suppression, uninterrupted power supplies, climate and temperature management and preventative building maintenance. These items are detailed in the “Amazon Web Services: Overview of Security Processes” white paper.3 Scalability Due to the often large, but always varying size of the participant user base, it is important that the ExamView Cloud application is able to scale to meet user demand. AWS provides two mechanisms that help ExamView Cloud meet this requirement. Auto Scaling Groups The ExamView Cloud application is hosted on application servers. Each application server is able to provide service to a limited number of clients. AWS Auto Scaling Groups (ASG) allow the system to automatically increase or decrease the number of available application servers to meet user demand. ASGs utilize AWS performance metrics, such as average response time, CPU utilization and request counts in order to provide a high quality of service for the user while minimizing excess capacity.6 Elastic Load Balancing The AWS Elastic Load Balancer (ELB) is an essential component of the auto scaling process. All requests that are destined for the ExamView Cloud application pass through the ELB. The ELB utilizes performance metrics to distribute the request workload amongst the available application server instances.7
  • 4. SECURITY SUMMARY References 1. Varia, J. & Mathew, S. (2014, January). Overview of Amazon Web Services. Retrieved from http://media.amazonwebservices.com/AWS_Overview.pdf 2. Microsoft 10 Immutable Laws of Security. (2014, January). Technet.Microsoft.com. Retrieved from http://technet.microsoft.com/library/cc722487.aspx#EIAA 3. Amazon, Inc. (2014, November). Amazon Web Services: Overview of Security Processes. Retrieved from http://d0.awsstatic.com/whitepapers/Security/AWS%20Security%20Whitepaper.pdf 4. Amazon VPC. (2014, January). AWS.Amazon.com. Retrieved from http://aws.amazon.com/vpc/ 5. AWS Identity and Access Management (IAM). (2014, January). AWS.Amazon.com. Retrieved from http://aws.amazon.com/iam/ 6. Auto Scaling. (2014, January). AWS.Amazon.com. Retrieved from http://aws.amazon.com/autoscaling/ 7. Elastic Load Balancing. (2014, January). AWS.Amazon.com. Retrieved from http://aws.amazon.com/elasticloadbalancing/ 8. Regions and Availability Zones. (2013, October). Docs.AWS.Amazon.com. Retrieved from http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/concepts.html Reliability The ExamView Cloud application is designed to be a highly available and reliable system. ExamView Cloud utilizes multiple AWS availability zones to meet this requirement. Availability Zones Within each region, AWS offers multiple availability zones. Each availability zone is an isolated infrastructure segment that is connected via a low-latency link to the other availability zones in the region.8 In the event of an infrastructure failure, it is unlikely that the failure would affect multiple availability zones. ExamView Cloud is designed to utilize services in many different availability zones to minimize application service disruption.