Newvem, the feisty Israeli startup that made waves by pointing out just how insecure (or badly configured) many customers’ Amazon(s amzn) cloud instances are, is taking steps to remedy that situation.
As Gigaom reported in April, many customers have more money than sense when it comes to spinning up instances in Amazon’s EC2 cloud. According to Newvem’s CloudRadar survey, which studied 200 AWS users over a 7-day period:
More than half of “light” AWS users — those with fewer than 8 instances — left critical IP ports open to the Internet — a really bad security practice. And 42 percent of medium users (those running 9 to 35 instances) had 50 percent of their instances laying idle. Moreover, nearly a third (30 percent) of heavy users also have let at least 50 percent of their instances remain idle. Newvem defines heavy users as those running more than 36 AWS instances.
Now, Newvem has called in reinforcements, in the form of Dome9, a security SaaS provider that closes cloud service ports to harden EC2 instances. The two companies are partnering to make it easier for customers to bolster the security of their EC2 cloud instances.
When Newvem’s service finds open ports problems in customer instances, it will offer Dome9 as a recommended solution from the Newvem dashboard. The user can then elect to use Dome9’s service. Newvem would continue to monitor the user’s cloud to flag other problems as they occur.
Monitoring customer use of public clouds like AWS is a growing cottage industry with companies like Cloudyn, Cloudability and others taking on this issue. The idea is to help customers better provision their cloud instances, build them right, and keep them secure.