{"id":28419,"date":"2018-01-30T12:14:06","date_gmt":"2018-01-30T12:14:06","guid":{"rendered":"https:\/\/www.vmengine.net\/?p=28419"},"modified":"2025-05-23T17:15:45","modified_gmt":"2025-05-23T17:15:45","slug":"aws-cloud-security-discover-how-it-works","status":"publish","type":"post","link":"http:\/\/temp_new.vmenginelab.com\/en\/2018\/01\/30\/aws-cloud-security-discover-how-it-works\/","title":{"rendered":"AWS Cloud Security: discover how it works"},"content":{"rendered":"
\n
\n
\n
\n
\n

“<\/span>All that is outside of you can be subtracted at any time, just what’s inside of you is safe<\/span><\/i>“. This is a quote of the british ghostwriter <\/span>Jeannette Winterson<\/b>. What is true for human \u00a0it’s even more for companies, especially for those that works in internet world. <\/span><\/p><\/blockquote>\n

Cloud Security<\/b><\/a> is a particularly debated and controversial issue. Manager and entrepreneurs are asking a lot of questions about. <\/span><\/p>\n

\"\"<\/p>\n

Where do my data goes?<\/strong><\/p>\n

How to keep my data safe? \u00a0<\/strong><\/p>\n

What does it costs to set up a “impregnable fortress”?<\/strong><\/p>\n

 <\/p>\n

Amazon Web Services,<\/b> top of Cloud Provider<\/span><\/a>, makes safety an absolute priority. How? With a network data center architecture designed to satisfy most demanding companies, AWS allows its customers to recalibrate resources. But not only that, customers pay only for services that use.<\/span><\/p>\n

AWS has a benefit: datas are stored in highly secure and cutting-edge data centers and this allows to guarantee high levels of privacy with a lower price. Now we analyze privacy protection services that AWS provides to its customers.<\/span><\/p>\n

    \n
  1. Network firewalls integrated into <\/span>Amazon VPC<\/b> and web application firewall capabilities in<\/span> AWS WAF<\/span><\/a> that allow you to create private networks and control access to instances and applications;<\/span><\/li>\n
  2. Encryption in transit with TLS on all services;<\/span><\/li>\n
  3. Connectivity options that allow private or dedicated connections from the office or business environment.<\/span><\/li>\n<\/ol>\n

    Most frequent question is: where do my data go?<\/strong><\/span><\/p>\n

    What is certain is that they don’t dissolve in the clouds. AWS data centers have been designed to guarantee solid protection to protect customer’s privacy. All datas are stored in highly secure data centers in which staff can’t go in. Data centers are stored in<\/span> 49 availability zones distributed in 18 geographical regions all over the world. <\/b>A new expansion plan has been announced: with 12 new availability zones and 4 additional regions in Bahrain, Hong Kong, Sweden and a second AWS GovCloud region in the US, the storage space will be “infinite”. In addition, with AWS it’s possible to choose, physically, in which region store data. <\/span><\/p>\n

    \"\"<\/p>\n

    All this without losing sight of your data through tools that allow you to keep the AWS environment under control. How? With enhanced visibility on<\/span> API calls through<\/span><\/i> AWS CloudTrail<\/span><\/i><\/a>, log aggregation options and alert <\/span>notifications<\/b> by<\/span> Amazon CloudWatch<\/span><\/i><\/a>. <\/span><\/i>AWS allows you to define, apply and manage user access policies on all AWS services.<\/span><\/p>\n

    But now we come to<\/span> responsibility. <\/b>A single word that can be scary but not according to the Aws philosophy based on<\/span> shared <\/b><\/a>responsibility<\/b>. This model has a double utility: helps customers to relieve from operational burden because AWS deals with protecting global infrastructure on which all services are performed while the customer will be responsible for the guest operating system (including security updates and patches), other application software and security group firewall configuration provided by AWS. Generally, almost all Aws service’s require that customer perform certain configuration and security management tasks, according to public <\/span>White Paper<\/span><\/a> on AWS portal. As the image shows, customers will know well what is his area of responsibility and which instead of the provider.<\/span><\/p>\n

    \"\"<\/p>\n

    Despite all the efforts of AWS (and ours) to tell the best and the most possible\u00a0simply the concept of Shared Responsibility, surely Kate Turchin<\/a> has defeated the competition, explaining all in only 1:54 minutes, and in its own way …<\/p>\n