Your Role in AWS Application Security

Amazon’s inclusion of Amazon Web Services (AWS) revenue ($6 billion) in their most recent quarterly earnings release validates the continued broad appeal and adoption of the leading cloud platform.

This comes to no real surprise to the Alert Logic team, as we have seen triple-digit percentage growth in our AWS customer base over the last 18 months.

Based on the latest scorecard from 2nd Watch, our own experiences, and other public information, we can see production workloads continuing to rise in AWS but the types of applications are shifting. Windows-based applications are on the rise, indicating a larger volume of applications that require the Microsoft operating system versus Linux – the historical giant in the cloud.

As more companies migrate business critical and data-sensitive production applications to the cloud, security becomes increasingly important. Five of the top 6 products in the AWS Marketplace product rankings are security solutions and the “outlier” provides some security capabilities via network connectivity. Companies are becoming more aware of the shared security model that exists in cloud environments. They are realizing that they must take responsibility for their applications and the underlying services running in their AWS accounts.

AWS is great at providing support for the foundation services including physical, core network, and hypervisor security; however, customers need to protect their own web applications, monitor their networks for threats, and use log management solutions to secure their confidential data. Phrased simply, Amazon states that “AWS manages security of the cloud, security in the cloud is the responsibility of the customer.” 

Regardless of where you place your applications, it is incumbent to secure them so you can focus on your business.  

Additional Resources: 
[Blog] Untangling the Shared Responsibility of Cloud Security
[Webinar] It’s Not You, It’s Me – Understanding the Shared Responsibility of Cloud Security