Date posted: 8th October 2015
At Amazon’s recent re:Invent cloud conference held in Las Vegas, NV; Chief Information Security Officer (CISO) Steve Schmidt spoke about the state of public cloud security for the enterprise in relation to Amazon Web Services.
“Enterprise Security is not where it needs to be” stated Schmidt in his opening remarks. Security in the cloud creates challenges not seen in traditional on-premises customer environments. The biggest problem according to CISO Schmidt was the lack of automation in cloud deployments and environments. The company announced several products at the re:invent conference to change just that and dispel the myth that the public cloud is not secure or enterprise ready.
One of Amazon Web Services newest products is Amazon Inspector which is designed to analyze the behavior of the applications that a customer runs in AWS and helps find potential security issues. This is similar to how a Managed Security Operations Center would log and collect data from all network and data center infrastructure in order to analyze anomalies and in turn mitigate risks.
Inspector works at the application level which is the forefront of modern cyber security. You create a collection of AWS resources that roll up into your application, then run a security assessment of the application based on that collection. Inspector will capture live real-time activity including all communication with AWS services, use of secure channels, network traffic and more. This provides a complete picture of the application and any potential security or compliance issues.
Straight “out-of-the-box” Amazon Inspector includes multiple best practice rules but CISO and Cloud Managed Services providers may control these as needed for specific environments.
re:Invent also gave Amazon the chance to launch their Web Application Firewall, another major security feature in order to secure the public cloud. Web Application Firewall protects the network at the application level against SQL or PHP injection attacks two of the most common network intrusion paths. It allows for custom rules to control what type of traffic an application can allow and what should be blocked. This both creates security for the network but also internal access controls as needed.
All of these advances in public cloud and amazon web services security are designed to put to rest the myth that the cloud is not enterprise class secure. Amazon cited several enterprise-class case studies in order to continue to dispel this myth.
Capital One, one of the United States largest credit card and banking companies uses Amazon Web Services in order to host their mobile banking application. Capital One believes by working closely with Amazon Web Services and security consultants they have built security that is as strong, if not stronger, than the security of the in-house data centers it operates. The migration to Amazon Web Services has enabled Capital One to reduced their data centers from 8 to 4.
General Electric, one of the world’s largest companies is embracing Amazon Web Services and the public cloud. CIO Jim Fowler stated “the move to cloud computing is one of the most important transitions in our 140 year history”
“This is no longer a test, we’re migrating [our data center] and are glad to have Amazon Web Services be our partner” – General Electric CIO Jim Fowler
This enterprise class level of security and services makes Amazon Web Services the preferred choice of companies in the small and mid-sized business segment as well. Netfast Cloud Managed Services is a trusted consultant for thousands of companies in the New York Metro area and beyond. We focus on cloud migration solutions that transform IT to achieve business objectives as a consulting partner with Amazon Web Services we can provide enterprise class security and cloud computing for mid-sized enterprises throughout the New York region.
Read more about Cloud Managed Services