CIP Cyber

Your Prime account isn’t enough: the security you need for Amazon Web Services

Table of Contents

There is almost nothing Amazon can’t do for you. It can instantly deliver a book to your tablet, ship you everything from a whisk to a wheelbarrow overnight, and not only stream TV shows and movies, but produce them. It was no surprise then that when Amazon got into the web services game they did so in a major way, offering scalable and cost-effective cloud computing that quickly sky-rocketed in popularity, earning the number one position in cloud computing and showing no signs of relinquishing the crown. However, as good as Amazon Web Services (AWS) are, they are by no means a complete computing solution. At least when it comes to security.

What AWS can do for you

Amazon Web Services is free to join, and as it is a cloud computing model, you only pay for what you use. AWS offers everything from website hosting solutions, data management, storage solutions, digital media services, software development kits all the way to business applications. Essentially, with everything AWS offers, it eliminates the need for on-premise IT infrastructure.
Businesses ranging from small and medium-sized businesses to major enterprises are moving their IT infrastructure to AWS in order to spend less time managing infrastructure and more time focusing on things like product development, sales and customer service. Fashion retailer Nordstrom, for example, has shifted its websites, mobile apps and other internal IT tools to AWS, while cereal brand Kellogg’s has replaced its on-premise relational database for data analysis with a faster, more powerful and more cost-effective setup on AWS.
But what about security?

What AWS can’t do for you?

With so many businesses and major corporations relying on AWS to that extent, of course Amazon offers built-in security for their cloud computing services, securing the infrastructure. This includes having highly secure data centers, ensuring client privacy and segregation, having network and security monitoring systems, and offering security features such as firewalls, encrypted data storage, and a dedicated connection option.
While these security features are valuable, they may not provide all of the protection required by your business. The built-in AWS firewall does not manage either inbound or outbound traffic as well as a more traditional firewall, and the policies that can be set in the AWS firewall simply aren’t as complex or as rigorous as needed for many businesses.
Further, while AWS pulls some of the security load, your business is by default expected to do its part as well. AWS secures the infrastructure, and your business is expected to secure everything you run on or put into the AWS infrastructure. This includes things like server side encryption and network traffic protection. Another thing to consider is that while AWS infrastructure security is, of course, good, it isn’t fool-proof. In the past AWS computing services have been exploited in order to launch large-scale DDoS attacks. Additional security is never going to be a bad thing.
But since you’ve probably either moved to cloud computing or are considering a move to cloud computing because it can make your IT so much simpler, it stands to reason that there are easy ways to achieve excellent AWS security.
Eventually, it’s a Jungle out there (shutterstock)
Why yes, Amazon has a Marketplace for that
AWS Marketplace is an online store chock full of software and services that can be instantly purchased and put into use in the cloud. This includes developer tools, ecommerce solutions and other business necessities, and it also includes leading security solutions that can provide your cloud computing environment with tight, enterprise-level security.
Some of the premier security solutions designed specifically for AWS include products such as Incapsula’s Web Application Firewall and DDoS protection. The Web Application Firewall, or WAF, picks up where AWS’s firewall leaves off, setting strict rules for how visitors are allowed to interact with your website and other online services, thereby defending your AWS-hosted applications from any hacking attempts as well as bots and malware.
DDoS protection protects your business from not just the outages that can be caused by DDoS attacks, but the intrusion attempts, damage to hardware and software, and theft of data and intellectual property that so often go along with DDoS attacks.
Helping Amazon round out their offerings
Amazon generally doesn’t need any help taking over the world with its various ventures, but security is the one area where Amazon Web Services could use a little assistance, and investing in this additional security is absolutely necessary for the protection of your business. If your business is already in the cloud, or you’re thinking of moving to it, keep those few Amazon shortcomings in mind.
CIP Cyber Staff

CIP Cyber Staff

CIP Cyber Staff comprises CIP cybersecurity experts committed to delivering comprehensive information on critical infrastructure protection. The content covers diverse topics, equipping professionals to defend organizations and communities in an ever-evolving cyber landscape.

Most popular

Industrial Cybersecurity

Want always be up to date?

Don't miss the latest news

By subscribing to our mailing list, you will be enrolled to receive our new trainings, latest blog posts, product news, and more.

CIP Training & Certifications

Transform your cybersecurity skills with CIP Cyber’s comprehensive training & course offerings

Related Articles

Want always be up to date?

Don't miss the latest news

By subscribing to our mailing list, you will be enrolled to receive our new trainings, latest blog posts, product news, and more.

CIP Training & Certifications

Transform your cybersecurity skills with CIP Cyber’s comprehensive training & course offerings