Keeping data and applications safe in the cloud is one the most visible challenges facing cloud teams in 2018. Cloud storage services where data resides are frequently a target for hackers, not because the services are inherently weak, but because they are often improperly configured. Encryption—to protect data at rest and in-flight—should be an organization’s..
Some of 2017’s largest data breaches involved unprotected Amazon Simple Storage (S3) buckets that left millions of customer data records exposed to the public. The problem wasn’t the technology, but administrators who improperly configured the security settings. For cloud teams in charge of security, understanding the configurations and options available for securing data in the..
Securing your data and applications in the cloud has never been more important. The headlines are a constant reminder of the disruptive (or calamitous) impact on a business in the wake of a breach. Many of 2017’s most high-profile breaches were a reminder of the vulnerabilities that can come from both inside and outside your..
The State of Cloud Security Companies in every industry are eager to leverage the benefits of the cloud and leave data center management and legacy technologies behind. As cost optimization and increased scale drive cloud adoption from the inside, the need to stay competitive to keep pace with market changes drives it from the outside…
Effective security requires close control over your data and resources. Bastion hosts, NAT instances, and VPC peering can help you secure your AWS infrastructure. Welcome to part four of my AWS Security overview. In part three, we looked at network security at the subnet level. This time, we’ll look at strategies to avoid unnecessarily exposing..
As ever, cloud security is the number-one priority for AWS. During the Tuesday Night Live event, just hours before Andy Jassy’s keynote, AWS announced the launch of Amazon GuardDuty, now the 10th service in the AWS Security, Identity & Compliance category. What is Amazon GuardDuty? Amazon GuardDuty is an intelligent threat detection service. It allows..
AWS security best practices begin with the AWS Shared Responsibility Model that dictates which security controls are AWS’s responsibility and which are yours. Updated: September 2017 – Inclusion of additional models Over my next several posts, I’ll be discussing AWS security best practices from different perspectives and covering different AWS services. The overall goal is to..
Considering the importance of security in everything digital, the role of Security Architect/Specialist is a growing specialization in the cloud industry. If you are looking to further develop your understanding of AWS Security (or maybe you want to become an AWS Security specialist), you may be struggling with where to begin. I’ll admit, given the amount..
Amazon Web Services is a global public cloud provider, and as such, it has to have a global network of infrastructure to run and manage its many growing cloud services that support customers around the world. In this post, we’ll take a look at the components that make up the AWS Global Infrastructure. The components..
With the ever increasing and expanding service catalog being developed by the engineers at AWS, it’s easy to get confused when it comes to understanding which AWS Compute service you need and which service you should be using for your deployments. Which service offers me the quickest deployment?” or “Which service offers the best managed solution?”or..