The Home of the Security Bloggers Network
Home » Cybersecurity » CISO Suite » What is the AWS Shared Responsibility Model?
Like most cloud providers, AWS operates under a shared responsibility model. AWS takes care of the security ‘of’ the cloud while AWS customers are responsible for security ‘in’ the cloud. 
AWS has made platform security a priority to protect customers’ critical information and applications taking responsibility for its infrastructure’s security. AWS detects fraud and abuse and responds to incidents by notifying customers. However, the customer is responsible for ensuring their AWS environment is configured securely and data is not shared with someone it shouldn’t be shared with inside or outside the company, identifying when an identity people or non-people misuses AWS, and enforcing compliance and governance policies.
AWS is focused on the security of AWS infrastructure, including protecting its computing, storage, networking, and database services against intrusions because it can’t fully control how its customers use AWS. AWS is responsible for the security of the software, hardware, and the physical facilities that host AWS services. Also, AWS takes responsibility for the security configuration of its managed services such as AWS DynamoDB, RDS, Redshift, Elastic MapReduce, WorkSpaces, and others.
AWS customers are responsible for the secure usage of AWS services that are considered unmanaged. For example, while AWS has built several layers of security features to prevent unauthorized access to AWS, including multi-factor authentication, it is the customer’s responsibility to make sure multifactor authentication is turned on for users, particularly for those with the most extensive IAM permissions in AWS.
Furthermore, the default security settings of AWS services are often the least secure. Correcting misconfigured AWS security settings, therefore, is a low-hanging fruit that organizations should prioritize to fulfill their end of AWS security responsibility.
Below are AWS checklists to help you govern and secure your AWS cloud, including but not limited to the following:
As enterprises continue to migrate to or build their custom applications in AWS, the threats they face are no longer isolated like the old world of on-premises applications as identities are the new perimeter.  Preventing many of these threats falls on the shoulders of the AWS customer. So how are you securing your data?
There’s a lot to unpack here, and the truth is these are just a few of the responsibilities you need to understand when using AWS. If you have questions on the division of responsibility, cloud security, privacy ownership, policy enforcement, or how the AWS services work, don’t hesitate to reach out — Sonrai’s technical team of security experts are standing by to help.
If you are interested in learning more about best practices for other Cloud Service Providers, please check out the Azure Shared Responsibility Model Explained ebook.
The post What is the AWS Shared Responsibility Model? appeared first on Sonrai Security.
*** This is a Security Bloggers Network syndicated blog from Blog – Sonrai Security authored by Eric Kedrosky. Read the original post at: https://sonraisecurity.com/blog/what-is-the-aws-shared-responsibility-model/

More Webinars
Security Boulevard Logo White
DMCA

source