Technology Background

How Amazon Web Services (AWS) Cloud Security Works

Posted by James Sanchez, Solutions Engineer for Data on Aug 28, 2019

cloud securityYou have data, you have compliance requirements — and you want to save money and scale quickly, so what are your options when it comes to the cloud? Amazon Web Services (AWS) has you covered with a secure platform based on the services you select.

Nowadays it’s difficult to escape the daily news headlines about the latest security breach or company plagued by ransomware. Cloud security is a huge concern. While there are many misconceptions about it, one thing is clear. A solution like AWS depends on a partnership between the customer and the provider to make it work.

According to Gartner, at least 95% of cloud security failures are the fault of the customer, so how can you better protect your cloud environment?

Let’s take a step back and look at how AWS became the “Infrastructure as a Service” leader that we know today. Back when Amazon was solely an e-commerce company, they needed a way to scale their own infrastructure. The company decided to build their own internal systems, but quickly ran into problems, forcing them to create an operating system of sorts that worked on top of the internet. It wasn’t until years later that they realized this infrastructure as a service could be sold to other organizations.

Security of Cloud Versus On-Prem

Cloud security encompasses a set of policies and procedures that protect valuable information from getting leaked, stolen or deleted. As with on-prem IT infrastructure, cloud security focuses on high-level threats. And because the cloud exists in a dynamic environment that can scale while still remaining secure, performing any preventive and corrective actions is easy, following the same processes and strategies applicable to on-prem environments.

Security is mostly about access, right? In an on-prem environment, limiting access is about creating a secure perimeter. But the cloud doesn’t provide that. It’s a highly connected environment that allows traffic to flow in and out of it through the internet. Security in the cloud requires preventing unauthorized access through data encryption — and creating strong passwords and two-factor authentication.

AWS Shared Responsibility Model for Security and Compliance

AWS, like most cloud providers, assumes responsibility for the security of the cloud, while the customer and AWS share the burden of securing data. This is how the shared responsibility model between AWS and its customers works. It’s commonly referred to as Security “of” the Cloud versus Security “in” the Cloud to demonstrate the individual role held by AWS and the customer.

For its part to provide “Security of the Cloud”, AWS is responsible for protecting the essential infrastructure composed of hardware, software, networking and facilities. With a dedicated team of security professionals and a budget that overshadows even the largest enterprise, AWS provides the highest level of cloud security. This model removes the customer’s operational burden — and even provides a physical infrastructure housed in an off-site data center.

Customers are responsible for a different set of security protocols based on which AWS services they select. Security in the Cloud for customers means protecting their own data and any custom applications deployed in AWS. Customers must also ensure that proper access controls are managed, whether encouraging users to create strong passwords or employing two-factor verification.

As cloud computing becomes a more widespread way for organizations to offload their IT infrastructure, security remains a top concern. But with AWS, initially built as an internal platform for online retail leader Amazon, security is backed by their significant investments and a trusted team of security professionals. This often makes the cloud more secure than your own on-prem IT infrastructure.

Learn more about AWS and how it can help secure your organization’s data.

Topics: Cloud Infrastructure, AWS

cta placeholder
Request a Consultation Background Image

Request a Consultation

MEET THE AUTHOR

James Sanchez, Solutions Engineer for Data

James Sanchez, Solutions Engineer for Data

James works with clients to create secure cloud infrastructures that are optimized for performance. He has extensive experience as a software developer and solutions architect.

MORE POSTS BY JAMES SANCHEZ, SOLUTIONS ENGINEER FOR DATA