Cloud Security: Fears, Myths and Reality!
Is the public cloud secure?
There is widespread misunderstanding about the characteristics of public Cloud. Although you do not own public Cloud, there are standard security practices which make public Cloud secure for hosting and conducting sensitive business transactions.
Although called Public Cloud, it is more secure than most deployments at customer premises. This is because Cloud providers adopt established security practices and are certified by stringent security agencies. It is a business for them and they invest time, money and resources to secure their physical assets as a strategic investment.
Security is a top priority at Amazon Web Services (AWS). AWS believes security is a shared responsibility wherein Amazon is responsible for the physical security of the data center, including the infrastructure. AWS is compliant with ISO 27001, PCI DSS Level 1, SOC 3 and a host of other compliance standards. You can get more information here: https://aws.amazon.com/compliance/
But it is the customer who is responsible for the data and applications hosted in the data center. AWS does not have access to the data, and all ports deny traffic by default unless the customer chooses to open a port to allow traffic. Each customer's data is hosted separately on single instances, and no one can access customer data.
Further, when you host data in an AWS data center, your data automatically resides in a Virtual Private Network. This means you control the traffic that comes into your network. As a customer, you decide which ports to open and which instances are open to what kind of traffic. You can provide layered access by using Identity and Access Management. For instance, you could open your corporate website to all traffic while only employees can access the Intranet.
There are different tools and mechanisms which allow you to create a secure architecture in the AWS environment. The key is to set up governance mechanisms and adhere to them strictly. Without adherence, security will be compromised. It is akin to buying an expensive lock and forgetting to lock your front door, or leaving the key in the lock because you are not in the habit of locking your front door. Gartner predicts that through 2020, 95 percent of cloud security failures will be the customer’s fault. You can get more information on how to secure data on AWS here: https://aws.amazon.com/security/
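One way to check adherence to the port rules described above is to audit security group rules against a written policy. The following is an added example, not code from this article or from AWS: the field names follow the output of EC2 `describe-security-groups`, while the group ids, CIDR ranges and the policy itself are constructed assumptions.

```python
import ipaddress

# Constructed sample shaped like EC2 describe-security-groups output (ids and CIDRs are made up).
SAMPLE_GROUPS = [
    {"GroupId": "sg-website", "GroupName": "corporate-website", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": [{"CidrIpv6": "::/0"}]}]},
    {"GroupId": "sg-intranet", "GroupName": "intranet", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
         "IpRanges": [{"CidrIp": "10.20.0.0/16"}], "Ipv6Ranges": []},
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []}]},
    {"GroupId": "sg-legacy", "GroupName": "legacy-db", "IpPermissions": [
        {"IpProtocol": "-1", "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []}]},
]

# Assumed policy: only these groups may face the internet, and only on these ports.
PUBLIC_POLICY = {"sg-website": {80, 443}}


def is_world_open(cidr):
    """True when the CIDR covers every address (0.0.0.0/0 or ::/0)."""
    return ipaddress.ip_network(cidr, strict=False).prefixlen == 0


def audit(groups, policy=PUBLIC_POLICY):
    """Return (group_id, protocol, port_range) for each rule that breaks policy."""
    findings = []
    for group in groups:
        allowed = policy.get(group["GroupId"], set())
        for rule in group.get("IpPermissions", []):
            cidrs = [r["CidrIp"] for r in rule.get("IpRanges", [])]
            cidrs += [r["CidrIpv6"] for r in rule.get("Ipv6Ranges", [])]
            if not any(is_world_open(c) for c in cidrs):
                continue
            # Protocol "-1" means all protocols and ports; it carries no port fields.
            if rule["IpProtocol"] == "-1":
                findings.append((group["GroupId"], "all", "all"))
                continue
            lo, hi = rule["FromPort"], rule["ToPort"]
            if not set(range(lo, hi + 1)) <= allowed:
                findings.append((group["GroupId"], rule["IpProtocol"], f"{lo}-{hi}"))
    return findings


if __name__ == "__main__":
    for finding in audit(SAMPLE_GROUPS):
        print("policy violation:", finding)
```

The website group passes because it is world-open only on an allowed port, while the intranet group's SSH rule and the legacy group's all-protocol rule are reported.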