Three steps to protecting your apps and data on AWS

clock • 2 min read

Because the cloud itself's not the be all and end all of security

Enterprises are beyond the point of questioning the value of cloud computing to their businesses. However, that doesn't mean that they can press ahead with their plans without considering how they will protect their apps and data in the cloud.

Take Amazon Web Services, for example; despite being the leader in cloud computing, businesses still need to consider how to best adapt their security to work for the cloud, and therefore benefit from the elasticity, cost-savings and flexibility that AWS offers.

Step one:

With applications and data two core areas which businesses do not want cyber attackers to breach, the first thing a business needs to take into account is what type of approach to security they want to take; a VM-Series virtualized next-generation firewall for inline cloud security approach, or an API-based approach.

There is no right or wrong approach - but certain approaches will be a better fit for your business. An inline approach is based on a next-generation firewall, which combines user, content and application inspection features within firewalls. Those who choose this requirement should have deployment flexibility.

The API-based security approach helps cloud practitioners ensure their deployments are secure and achieve a continuous state of compliance, by analysing the configurations of all the services and account settings against strict security and compliance controls. This is an option better suited to enterprises that have DevOps teams, and are looking for a single approach to continuous monitoring, storage security, and compliance validation and reporting.

Step two:

The next step is to consider how you want the approach you've selected to integrate with your existing IT environment - and whether or not the cloud security you get will be as agile as your applications, data and users. This will mean trialling the products available on the market, and getting help to know which parts of the product you want to take on board.

Step three:

Once you're satisfied that the product works as you would expect it to. It's worth finding out what the vendor's long-term approach is to security. Does it have a roadmap? Has it made acquisitions of late that have boosted its cloud security capabilities? You want to feel like a partner, not a customer - and therefore you want to be around for the entire journey, rather than merely adopting the solution quickly and then moving on to your next priority. This is particularly important with security as the requirements are continually changing, and companies need to adapt to make sure they have the knowhow and technical capabilities required to keep up with sophisticated cyber attackers.

Find out more and start your free trial here

 

You may also like
Sunnier skies ahead? Cloud giants dial down the greenwash

Green

But which one leads on environmental transparency?

clock 16 April 2024 • 10 min read
Palo Alto Networks patches 'critical' vulnerability under active exploitation

Threats and Risks

Volexity says a ‘spike in exploitation’ is likely

clock 16 April 2024 • 2 min read
AWS announces more job cuts

Careers and Skills

Cuts will mostly affect training, certification and sales personnel

clock 04 April 2024 • 2 min read

More on Cloud and Infrastructure

Cloud adoption in 2024: Navigating AI, edge computing and the road beyond

Cloud adoption in 2024: Navigating AI, edge computing and the road beyond

CIOs are pursuing best-fit cloud solutions that avoid vendor lock-in

Eric Helmer
clock 09 April 2024 • 3 min read
WebAssembly heralds 'third wave of cloud computing'

WebAssembly heralds 'third wave of cloud computing'

Wasm: 'Speed and agility is the name of the game'

John Leonard
clock 26 March 2024 • 3 min read
Microsoft the latest to waive cloud egress fees

Microsoft the latest to waive cloud egress fees

TS&CS apply

John Leonard
clock 14 March 2024 • 2 min read