Hello Everyone, in continuation to my previous blogs, on how to take care of security aspects while adopting the cloud model.
Security Aspects for cloud adoption
Security Aspects for cloud adoption - Before Migration
In this blog I will cover how AWS cloud can meet the various customer requirements from security perspective and other related topics to security and how the security posture can be improved while adopting the cloud model.
Below are some of the important aspect and we will see how AWS cloud supports those aspects.
Security Framework
Customers are having existing security policies, procedures that are in place on premises, so during cloud services selection, they can plan how the cloud service provider will meet the same standards when the cloud model is adopted, for example in case the customer is having various network security controls in place , how the same framework can be achieved in the cloud, if customer is having centralized traffic monitoring in place, how the same can be achieved in the cloud model.
AWS offers various network and security services that can help customer to achieve the same kind of security framework on the cloud model. For example is customer is having granular identity and access management controls in place on prem, then AWS IAM services has vast policies and roles in place that will help customer to achieve the same kind of framework in authentication and authorization management.
Compliance
Since compliance is a shared responsibility, so its very important for a customer to understand there role and responsibilities to secure the environment and what are there responsibility and what are responsibilities of AWS.
To help customers with there compliance requirements, AWS is compliance to compliance requirements and regularly gets validated for thousands of global compliance requirements for finance, retail, healthcare, government etc. AWS has support for more security standards and compliance certifications like PCI-DSS, HIPAA/HITECH, FedRAMP, GDPR, FIPS 140-2, and NIST 800-171, helping satisfy compliance requirements for every regulatory agency of the country.
Innovation
These days many companies are offering more and more services and new offerings to end customer to win customer base and disrupting there service competitors and with lot of innovation it helps them out grow the business. To be ahead in the business there is need of new technologies that can be leveraged over the cloud.
AWS has many tools that can be used by the customer to invent, experiment, and iterate. AWS services also provides best performance at the lowest cost that can be used on the pay per use model, and this helps in lowering the barriers to exploring new ideas and innovations. In this way customers can create and test environment on the AWS cloud to test the new ideas and innovations that will help them in there business expansions.
Automation
Its very important for a customer to focus on innovate and scale the business for which you need to automate various tasks.
These days automating security tasks on AWS enables customers to be more secure by reducing human configuration errors and giving the customer's team more time to focus on other activities and support the work critical to customer business business as before customer team was spending lot of time on other activities like hardware maintenance etc., which is not required when cloud model is adopted. Customers can select wide variety of deeply integrated solutions on AWS that can be combined with each other to automate many tasks and making it easier for customer security team to work closely with developer and operations teams to create and deploy code faster and more securely into the development and production. In this way various AWS services help to secure the complete environment.
Improve security posture
To improve the security posture you need to have insights and visibility into the environment to gain control of the environment and confidently secure the same. AWS offers various cloud native services like AWS security hub etc. that can help to see what all is happening in the cloud and accordingly improve the security posture of the environment and gain compliance to various compliance certifications.
I hope these guidelines will help you to enhance your knowledge.
Thanks for reading the blog.
Top comments (0)