Start from the Ground Up
The architecture of a system and its security properties are intertwined. Security cannot be "bolted on" to a system that has already been constructed. Amperity has been designed with security as its primary concern from the very beginning. Security is a core part of Amperity’s development process, from initial architecture through deployment and operations.
Modern systems designed for large scale data processing are extraordinarily complex, requiring coordination of hundreds of machines. Effective security practice in a system of this complexity requires a mastery of change management and the ability to respond quickly. Amperity completely automates its systems, from infrastructure provisioning through code deployment. Incident response time is nearly instantaneous regardless of the nature of the issue.
It is impossible to quantitatively improve something that is not measured or observed. This is particularly true in the domain of security. Attackers work hard to compromise systems and to avoid detection. A breach of an unmonitored system may go unnoticed until it’s too late. Amperity applies comprehensive measures at every layer of the stack to proactively observe anomalies and maintain security visibility across all systems, services, and resources.
Balance People, Process, and Technology
A system’s security is only as strong as its weakest link. Thus, imbalance in focus across the spectrum of security concerns leads to failure. Each concern is necessary, but individually not sufficient. Amperity deeply respects the importance of each area of concern, and constantly works to keep them in ideal balance, ensuring that no single failure puts the security of the system in jeopardy.