Three steps to protecting your apps and data on AWS

How do you secure your data in the cloud?

How do you secure your data in the cloud?

Because the cloud itself's not the be all and end all of security

Enterprises are beyond the point of questioning the value of cloud computing to their businesses. However, that doesn't mean that they can press ahead with their plans without considering how they will protect their apps and data in the cloud.

Take Amazon Web Services, for example; despite being the leader in cloud computing, businesses still need to consider how to best adapt their security to work for the cloud, and therefore benefit from the elasticity, cost-savings and flexibility that AWS offers.

Step one:

With applications and data two core areas which businesses do not want cyber attackers to breach, the first thing a business needs to take into account is what type of approach to security they want to take; a VM-Series virtualized next-generation firewall for inline cloud security approach, or an API-based approach.

There is no right or wrong approach - but certain approaches will be a better fit for your business. An inline approach is based on a next-generation firewall, which combines user, content and application inspection features within firewalls. Those who choose this requirement should have deployment flexibility.

The API-based security approach helps cloud practitioners ensure their deployments are secure and achieve a continuous state of compliance, by analysing the configurations of all the services and account settings against strict security and compliance controls. This is an option better suited to enterprises that have DevOps teams, and are looking for a single approach to continuous monitoring, storage security, and compliance validation and reporting.

Step two:

The next step is to consider how you want the approach you've selected to integrate with your existing IT environment - and whether or not the cloud security you get will be as agile as your applications, data and users. This will mean trialling the products available on the market, and getting help to know which parts of the product you want to take on board.

Step three:

Once you're satisfied that the product works as you would expect it to. It's worth finding out what the vendor's long-term approach is to security. Does it have a roadmap? Has it made acquisitions of late that have boosted its cloud security capabilities? You want to feel like a partner, not a customer - and therefore you want to be around for the entire journey, rather than merely adopting the solution quickly and then moving on to your next priority. This is particularly important with security as the requirements are continually changing, and companies need to adapt to make sure they have the knowhow and technical capabilities required to keep up with sophisticated cyber attackers.

Find out more and start your free trial here


More on Careers and Skills

Women celebrating success

All the winners from the Women in Tech Excellence Awards 2021

Find out who walked away with one of the coveted gongs at the glittering ceremony held in Central London as some of the UK's top female talent turned out in style

Stuart Sumner
clock 25 November 2021 • 4 min read
How has Covid-19 affected women working in tech?

How has Covid-19 affected women working in tech?

The extra flexibility from remote working was meant to make the tech sector more attractive to women - but we're still haunted by the spectre of presenteeism

Penny French
clock 23 November 2021 • 5 min read
Alexandra Coulson, Global Head of Marketing, disguise

Making your mark: how to reinvent a brand in tech

When I joined visual storytelling technology company, disguise, I wanted to "make my mark" by helping disguise redefine its brand and marketing approach.

clock 17 November 2021 • 6 min read