With AWS re:Invent 2013 right around the corner, I know many of you have the cloud on your mind. Which makes me wonder – is security one of the cloud topics you are thinking about?
Amazon Web Services (AWS) has definitely set high standards for security with its comprehensive set of administrative, physical and logical controls. This includes everything from strict policies for physical access to the data center to well thought-out configuration change management procedures.
However, AWS has made it very clear with their shared responsibility model for security that the secure foundation is just the beginning of an end-to-end secure cloud-computing environment. As a part of this shared responsibility model for security, organizations have to take an active role in protecting systems, applications and data deployed on AWS.
Which leads me to ask – do you have your security checklist in hand for securing your systems, applications and data in your AWS environment?
If not, this just might be your lucky day. Leading up to AWS re-Invent, I will share a checklist of expert recommendations in the following areas:
1. What security capabilities do you need and why? Encryption, app scanning, web reputation, intrusion prevention, firewall, integrity monitoring, anti-malware… let’s dive into which capabilities make sense for your list.
2. How can security keep pace with your deployment plans? Do you have plans to scale up-and-down your environment and wonder how security will keep up? I will explore integration and automation must-haves for your security checklist to ensure security can scale as elastically as your environment.
3. How do you manage security on a day-to-day basis? There are definitely some important considerations to ensure it is easy to manage security as part of your daily operations. Let’s make sure you have them on your list.
Coming soon – we’ll dive into the security capabilities you need on your cloud security checklist and why you need them…