best practices of data security with aws - intelligentia
DESCRIPTION
Depending on the level of security your business requires, you can customize the range of services provided, and have a secure hassle free cloud server running by practicing AWS data security.TRANSCRIPT
Best Practices Of Data Security With AWS
Contents
1. Introduction to Amazon Web Services.
2. Understanding the benefits of Amazon EC2
3. Factors That Distinguish AWS From Other
Vendors
4. Resources and User Policies
5. Managing Encryption keys
6. Protecting Data At Rest And In Transit In AWS
7. Managing Decommissioned Data
Amazon Web Services (AWS) is a collection of remote computing
services (also called web services) that together make up a cloud
computing platform, offered over the Internet by Amazon.com.
Amazon Web Services provides a highly reliable, scalable, low-
cost infrastructure platform in the cloud that powers hundreds of
thousands of businesses in 190 countries around the world.
The most central and well-known of these services are Amazon
EC2 and Amazon S3. The service is advertised as providing a
large computing capacity (potentially many servers) much faster
and cheaper than building a physical server farm.
Amazon Web Services (AWS)
Understanding The Benefits Of Amazon EC2
Auto Scaling : EC2 has the facility of letting you change the
number of virtual machines you have running at peak time to
handle that traffic more effectively. The EC2 can do this
automatically
Return on Investment : Expanding your website, you can
choose to upgrade your server configurations accordingly. This
allows for minimum gap between the demand and supply
curve.Source: http://www.intelligentia.co.in/benefits-of-amazon-ec2/#more-2007
Elasticity : EC2, you can then easily collapse the 4 small machines
into 1 large one and change the OS and environment with a click. Eg-
4 small machines with Linux, and 1 larger machine with Ubuntu.
Increase in Reliability : AWS servers are located in 10 regions and
25 availability zones, so your remote servers are spread out across
the globe. Load Balancer will distribute the load to various availability
zones in different geographic locations so that there is never one
single point of failure. This avoids downtime and ensures reliability.
Source: http://www.intelligentia.co.in/benefits-of-amazon-ec2/#more-2007
Factors That Distinguish AWS From Other Vendors
COST EFFECTIVENE
SS
FLEXIBILITY
SCALIBILITY
Source: http://www.intelligentia.co.in/importance-of-amazon-web-services-in-cloud-platform/
AWS Eliminates On-site Hardware, Security
Becomes Important. AWS Provides Services To Tackle All Security Issues To Data
Resource And User Policies
Resource
Resource policies become attached to the resource, and contain within them the rules of what can be done with the resource.
User Policies
Control what the user has permission to do, either directly or indirectly through an IAM (Identity And Access Management) group
Choose to restrict access to a specific source IP address range, and change it on different days to have a suitable
level of security.
Managing Encryption Keys
AWS Stores Keys In Cryptographic Tamper-proof Storage, And AWS Provides Such An HSM (Hardware Security Module) Service In The
Cloud Itself, Known As AWS Cloudhsm.
Store The Keys On The Premises, Make Sure You Access Them Over Secure Links Such As The AWS Direct
Connect With Ipsec.
Protecting Data At Rest And In Transit In AWS
Encrypt Your Data And Perform Data Security Checks Such As Macs
(Message Authentication Codes) And Hmacs (Hashed Macs) To Ensure Data
Integrity Is Not Compromised
The Amazon DynamoDB provides automatic data replication between geographically separate Availability
Zones
Managing Decommissioned
Data
In AWS, the physical media
storing the data is not
decommissioned. Instead, the
storage units are marked as
unallocated.
Once the data has reached the end of its usefulness, the
AWS uses guidelines provided by the Department of Defence to wipe
out your data.
Decommissioning process to
ascertain that your data is
irrecoverable, you could implement data encryption using customer managed keys.
Depending on the level of security your business requires, you can customize the range of services provided, and
have a secure hassle free cloud server running.
AWS
Services
Let’s Connect!
http://www.intelligentia.co.in/
www.facebook.com/intelligentia.in
http://www.twitter.com/_intelligentia
http://www.linkedin.com/company/intelligentia-it-system