When questioned about their biggest concern when it comes to cloud technology, most enterprises answered “security“. Security is foundational to Amazon Web Services: without the ability to protect customer data, AWS would not have a business. Here is how AWS maintains the security of more than 1 million active customers.
AWS maintains a world-class level of security by complying with a wide array of security assurance programs, including HIPAA, ISO 9001, ISO 27001, FedRAMP and several others. Part of compliance involves having built-in security features such as multi-factor authentication, firewalls, encrypted data storage, security logs, and more. AWS also secures their physical data centers with military-grade surveillance equipment and security personnel—even the exact locations of these facilities are known only to AWS personnel.
You can go through their security white paper for an overview of all their security processes and checklists.
AWS guarantees 99.99% availability across all 11 of their regions. This is because each region has multiple availability zones, each usually having more than one data center. If one should go down due to fire, flood, hacker intrusion, or machine failure, the others will remain functional, allowing you to retain access to your data.
Security is proactive in AWS: it moves to stay ahead of threats by continually assessing its processes and finding ways to improve it. At the same time, it monitors your environment in real time and notifies you of any changes. Through AWS Cloudtrail, AWS logs all changes done to its security—who made the change, what they changed, and when. This also applies to any improvements AWS does on your behalf.
Thanks to these logs, AWS is able to provide proof of active security measures. This comes in particularly useful during audits. No longer do you have to scramble to find evidence of your firewall rules or security configurations. By using AWS Config, you can easily bring up the logs you need.
This level of security is made available to all users, from the ones using the free account to large organizations like NASA and Pinterest. However, remember that AWS operates on the idea that security is a shared responsibility. This means that while AWS is responsible for the security of its cloud infrastructure, you as the user are responsible for what goes on in your cloud environment. It is essential for that you review your own security measures, rotate keys and passwords, and stay aware of current threats.
For a full description of AWS security as well as some uses cases, check out the video below. If you are interested learning how this applies to your company, contact a certified PolarSeven cloud expert today.
[video_player type=”youtube” width=”560″ height=”315″ align=”center” margin_top=”0″ margin_bottom=”20″ border_size=”3″ border_color=”#1298e2″]aHR0cHM6Ly93d3cueW91dHViZS5jb20vd2F0Y2g/dj1PRUs3bUhuNEpMcw==[/video_player]