Goldman Sachs: Fast Track Your Applications Onto Cloud - Aws Fsi Meetup Q1/2023

In the ever-evolving world of technology, ensuring the security of our systems and data is of utmost importance. With the constant threat of malicious actors seeking to gain unauthorized access to our information, it is crucial that we have robust security measures in place. This article will explore the significance of security guidelines and how they can help protect our technology.

Understanding the Threats

The first step in addressing any security concern is to identify the potential threats. By understanding what risks exist for a particular technology, we can take appropriate measures to mitigate them. In this case, we are discussing the security of storage objects and how they can be accessed.

One primary threat is the possibility of malicious actors gaining access to unencrypted objects. This serves as the initial step in detecting a potential threat. To combat this, one control measure that can be implemented is encrypting these objects. It may seem like a simple solution, but it can go a long way in enhancing security.

Defining Control Measures

Once we have identified the threats, it is essential to define control measures that can help reduce or eliminate them. In our example, let's focus on the control measure of encrypting objects. This control measure needs to be clearly defined and reviewed by our security team.

To ensure consistency and ease of implementation, these controls are defined using Rego and then used as policies within Opa (Open Policy Agent). This implementation is also thoroughly reviewed and unit tested by our dedicated security team. It is a collaborative effort between our Cloud enablement guardrail development team and our security team at Goldman.

Releasing the Controls

Now that we have established and reviewed the control measures, it is time to release them. However, it's important to note that while these controls are crucial for maintaining a secure environment, they can sometimes pose challenges for developers.

If there are numerous guardrails in place that hinder the development process, it can become time-consuming and frustrating for developers to navigate through them. To address this issue, we have developed an accelerator. This construction is designed to work in conjunction with the guardrails, allowing developers to quickly implement the necessary controls.

For example, if a developer wants to use a fast track S3 bucket, they can do so without being hindered by the ten guardrails that typically apply to S3. This enables them to swiftly and efficiently deploy their applications on the public cloud.

Embracing Security and Efficiency

In conclusion, security guidelines play