While popular out-of-the-box SaaS products like Salesforce, Box, Dropbox, and Office 365 are becoming ubiquitous in the workplace, many enterprises have business needs that require tailor-made applications. In a previous era, they relied on custom, in-house developed applications hosted in their own data centers. Having recognized the advantages of cloud computing, over the last 10 years these applications have slowly migrated to the public cloud, private cloud, or a hybrid of both.
Although more than half of all in-house developed applications are still being hosted in private data centers, according to a recent Cloud Security Alliance report, this number is expected to drop to 46.2% in the next 12 months.
As the most dominant platform, Amazon Web Services (AWS) is expected to grab the biggest share of the burgeoning IaaS market. Today, an impressive 41.5% of custom applications in the public cloud are deployed in AWS. Even more remarkable is the fact that AWS’s computing capacity is ten times larger than the next 14 IaaS providers combined, according to the most recent IaaS Magic Quadrant report released by Gartner.
AWS Security Challenges
Amazon has built a robust set of security controls to help protect customer data, including its Identity and Access Management service (access control), Security Groups (firewall), and CloudTrail (activity monitoring), just to name a few. However, while Amazon takes responsibility for the security “of” its cloud infrastructure, AWS customers are responsible for security “in” the cloud.
Known as the shared responsibility model for cloud security, Amazon’s security blueprint divides up responsibility between the cloud provider and the customer. Amazon takes responsibility for the underlying security of AWS infrastructure. However, it is incumbent on AWS customers to make sure they’re using AWS in a secure manner while making the most of the security controls Amazon has provided them, including ensuring their AWS environment is configured securely and adequate security controls are in place to protect data in AWS.
This eBook (download your free copy here), discusses the current state of AWS adoption, Amazon’s model for AWS security, security challenges and threats to applications and data in AWS, and AWS infrastructure security best practices as well as security best practices for applications built on AWS.