You Don’t Mess with the AWS Cloud – The Most Secure Cloud Platform – OR VITO & ROTTWEILERS WILL COME OUT OF NOWHERE!

3.4  AWS CLOUD & DATA SECURITY

AWS provides capabilities across all of your locations, your networks, software and business processes meeting the strictest security requirements that are continually audited for the broadest range of security certifications.

Some of AWS’ Strict Security Compliance and Privacy Certifications

Security at AWS is the highest priority. As an AWS customer, you benefit from a data center and network architecture built to meet the requirements of the most security-sensitive customers. Your data and applications are far more secure on AWS than in your own office.

Government, education and nonprofit organizations face unique challenges to accomplish complex missions with limited resources. Public sector leaders engaged in true cloud computing projects overwhelmingly turn to the power and speed of AWS when they want to serve citizens more effectively, achieve scientific breakthroughs, reach broader constituents and put more of their time and resources into their core missions – yet meet all regulatory, compliance, and security mandatory requirements.

The AWS cloud provides governance capabilities enabling continuous monitoring of configuration changes to your IT resources as well as giving you the ability to leverage multiple native AWS security and encryption features for a higher level of data protection and compliance – security at every level up to the most stringent government compliance no matter what your industry. AWS now serves more than 2,300 government, 7,000 education and 22,000 nonprofit organizations worldwide including the U.S. Government, the U.S. Intelligence Community & the U.S. Department of Defense, and NASA/JPL.

AWS provides several security capabilities and services to increase privacy and control network access, including network firewalls built into Amazon VPC, data encryption in Amazon S3 and connectivity options that enable private or dedicated connections from your on-premises environment. Data encryption in transit & at rest.

AWS uses a  “Shared Responsibility Model” when it comes to security. The reason for this is that not every customer wants everything locked down in the same manner. While AWS manages security of the cloud, security in the cloud is the responsibility of the customer. Customers retain control of what security they choose to implement to protect their own content, platform, applications, systems and networks, no differently than they would for applications in an on-site datacenter.

AWS Shared Security Model Schematic (image courtesy of AWS properties)

To read AWS Security Best Practices, read this.

AWS has a tiered competency-badged network of partners that provide application development expertise, managed services and professional services such as data migration. This ecosystem, along with AWS’s training and certification programs, makes it easy to adopt and operate AWS in a best-practice fashion.

Some of the Types of AWS Security Solutions Available in AWS Marketplace

Recommended AWS Marketplace Security Solutions for Security are presented in an overview manner below. For more detail, visit this page.

Below I’ll overview some of the recommended ISVs for specific security solution in AWS Marketplace:

• Infrastructure Security: Help identify and protect your applications and infrastructure from cyber-attacks and other advanced threats vectors. Each solution in each security category has different features, so you’ll need to read about each solution’s features by clicking on the links to see which one best solves your security concerns:
  • Barracuda Web Application Firewall (free trial available)
  • Check Point vSEC – Next Generation Firewall & Threat Prevention (free trial available)
  • Trend Micro Deep Security
  • Alert Logic Threat Manager with ActiveWatch for AWS
  • (Intel Security) McAfee Public Cloud Server Security Suite (free trial available)
  • Symantic Endpoint Protection (free trial available)
  • Sophos UTM 9 (Auto Scaling PAYG) (free trial available)
  • Fortinet FortiGate-VM (free trial available)
  • Paloalto VM-Series Next-Generation Firewall Bundle 2 (free trial available)
  • Imperva SecureSphere WAF AV1000 Gateway v11.0 and Above for AWS (free trial available)
• Configuration & Vulnerability Analysis: Tools to help you inspect application deployments for security risks and vulnerabilities, while receiving priorities and advice to assist with remediation:
  • Unisys Stealth(cloud) Enterprise Manager
  • CloudCheckr Cost and Security Management (free trial available)
  • Tenable Nessus Scanner (Pre-Authorized)
  • Evident.io Security Platform (ESP for AWS (free trial available)
• Logging & Monitoring: Help maintain visibility and auditability of activity in your application infrastructure and receive policy-driven alerting, and reporting:
  • Sumo Logic Machine Data Analytics for Logs & Metrics
  • Splunk Enterprise
• Data Protection: Assist with safeguarding your data from unauthorized disclosure and modification, through encryption, key management, and policy-driven controls:
  • Gemalto SafeNet ProtectV (free trial available)
  • HyTrust DataControl for AWS (free trial available)
  • Townsend Alliance Key Manager for AWS

You can read the AWS Marketplace “Security Solutions on AWS” whitepaper here.

Access comprehensive developer documents on AWS Security Resources here.

Read the previous post here.

Read the next post here.

#gottaluvAWS! #gottaluvAWSMarketplace!