HPC Lens for the AWS Well-Architected Framework

Amazon Web Services – HPC Lens AWS Well-Architected Framework Page 26

In addition, consider running HPC workloads autonomously and ephemerally to limit exposure of sensitive data. Autonomous deployments require minimal user access to instances and thus minimize exposure of the resources. HPC data is typically produced within a limited time, minimizing the possibility of potential unauthorized data access.

HPCSEC 1: Are managed services, autonomous methods, and ephemeral clusters used to minimize user access to the workload infrastructure?

HPC architectures can use a variety of managed (for example, AWS Batch, AWS Lambda) and unmanaged compute services (for example, Amazon EC2). When architectures require direct access to the compute environments, such as connecting to an EC2 instance, users commonly connect through a Secure Shell (SSH) and authenticate with an SSH key. SSH keys should be treated as private data and rotated regularly.

HPCSEC 2: What methods are you using to manage and rotate your SSH authentication keys?

Detective Controls

You can use detective controls to identify a potential security incident. These controls are an essential part of governance frameworks and can be used to support a quality process and legal and compliance obligations. They can also be used for threat identification and response efforts.

Infrastructure Protection

Infrastructure protection includes control methodologies, such as defense-in-depth and multi-factor authentication, which are necessary to meet best practices and industry and regulatory obligations. Use of these methodologies is critical for successful, ongoing operations in either the cloud or on-premises.

Data Protection

Before architecting any system, foundational practices that influence security should be in place. For example, data classification provides a way to categorize organizational data based on levels of sensitivity, and encryption protects data by rendering it unintelligible to unauthorized access.
These tools and techniques
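
One way to answer the SSH key rotation question (HPCSEC 2) above is to audit EC2 key pair age against the instances that were launched with each key. The following is an added example, not code from the whitepaper: the 90-day threshold, the function name `audit_key_pairs` and the sample data (constructed in the shape of `aws ec2 describe-key-pairs` and `aws ec2 describe-instances` JSON output) are all assumptions.

```python
# Added example: audit EC2 SSH key pair age and usage against a rotation policy.
import json
from datetime import datetime, timedelta, timezone

MAX_KEY_AGE = timedelta(days=90)  # assumed rotation policy, not from the whitepaper

# Constructed sample data; key names and IDs are placeholders.
KEY_PAIRS_JSON = """{"KeyPairs": [
  {"KeyName": "hpc-cluster-2023", "KeyPairId": "key-0aaaaaaaaaaaaaaa1", "CreateTime": "2023-01-10T09:00:00+00:00"},
  {"KeyName": "hpc-cluster-current", "KeyPairId": "key-0aaaaaaaaaaaaaaa2", "CreateTime": "2024-05-20T09:00:00+00:00"},
  {"KeyName": "old-unused", "KeyPairId": "key-0aaaaaaaaaaaaaaa3", "CreateTime": "2022-06-01T09:00:00+00:00"}
]}"""
INSTANCES_JSON = """{"Reservations": [{"Instances": [
  {"InstanceId": "i-0bbbbbbbbbbbbbbb1", "KeyName": "hpc-cluster-2023"},
  {"InstanceId": "i-0bbbbbbbbbbbbbbb2", "KeyName": "hpc-cluster-current"},
  {"InstanceId": "i-0bbbbbbbbbbbbbbb3", "KeyName": "deleted-key"},
  {"InstanceId": "i-0bbbbbbbbbbbbbbb4"}
]}]}"""


def audit_key_pairs(key_pairs, instances, now, max_age=MAX_KEY_AGE):
    """Classify key pairs and instances for rotation follow-up."""
    created = {k["KeyName"]: datetime.fromisoformat(k["CreateTime"])
               for k in key_pairs["KeyPairs"]}
    in_use = {}  # key name -> instance IDs launched with that key
    for reservation in instances["Reservations"]:
        for inst in reservation["Instances"]:
            name = inst.get("KeyName")  # absent when launched without a key
            if name:
                in_use.setdefault(name, []).append(inst["InstanceId"])
    stale = {n for n, t in created.items() if now - t > max_age}
    return {
        # Stale keys still trusted by running instances: rotate these first.
        "rotate": {n: sorted(in_use[n]) for n in sorted(stale) if n in in_use},
        # Registered keys that no instance references: candidates for deletion.
        "delete_unused": sorted(n for n in created if n not in in_use),
        # Instances launched with a key that is no longer registered.
        "unknown_key": {n: sorted(ids) for n, ids in sorted(in_use.items())
                        if n not in created},
    }


if __name__ == "__main__":
    report = audit_key_pairs(json.loads(KEY_PAIRS_JSON), json.loads(INSTANCES_JSON),
                             now=datetime(2024, 6, 1, tzinfo=timezone.utc))
    print(json.dumps(report, indent=2))
```

The `unknown_key` bucket matters because deleting a key pair in EC2 does not remove its public key from instances that are already running; ephemeral clusters sidestep this, since each relaunch starts from the current key.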