Visible to the public Building a Virtually Air-gapped Secure Environment in AWS


Erkang Zheng is a seasoned leader in cybersecurity with over 15 years of experience in all its domains from identity and access, penetration testing and incident response, to data, application and cloud security. He is passionate about combining innovation and execution to deliver practical solutions that address cybersecurity challenges at their root cause.

Erkang is currently the CISO at LifeOmic, a cloud technology company in the Health IT space.  Prior to joining LifeOmic Erkang was VP and Head of Product Security at Fidelity Personal Investing (PI), where he built the software security architecture and assurance practice for Fidelity PI that serviced over 12 million customer accounts. He also led a team of engineers working on customer protection solutions as well as patent-pending security research and products. Before Fidelity Erkang held key roles at IBM Security and at a number of tech startups. Erkang earned both B.S. and M.S. degrees in Computer Science from NC State University and holds several industry certifications such as CISSP. He has been a regular speaker at industry conferences such as IBM Insight and NH-ISAC Summits.  Outside of work Erkang enjoys deep-sea fishing, skiing, and fast cars.

Phil Idem-Gates is a Software Architect at LifeOmic. At LifeOmic he helped build a software delivery pipeline that is used to securely build and deploy software to multiple AWS cloud accounts. He has also been heavily involved in the automation of the LifeOmic platform using tools such as terraform, Node.js, Jenkins, Bitbucket, and Jira.

Phil is an active contributor to open source software projects such as Marko.js and Lasso.js. He also enjoys mentoring, teaching, and advancing the art of software development. When not coding, his pursuits include soccer, bodybuilding, traveling, and scuba diving.

Matt Lavin has known he was going to be a software engineer for as long as he can remember. He earned a bachelor’s degree in computer science from North Carolina State University in 2001 and started his career at IBM building developer tools and cloud DevOps tools. Currently he is at LifeOmic building software products and shaping architecture while growing from seven to almost forty people in just a year. Matt is active in the local DevOps and Node.js Meetups, has created and contributed to numerous open source projects and is thinking about computers almost all the time.


This talk presents the development and configuration of a virtually air-gapped cloud environment in AWS, to secure the production software workloads and patient data (ePHI) and to achieve HIPAA


Creative Commons 2.5

Other available formats:

Building a Virtually Air-gapped Secure Environment in AWS