Depending on the level of security your business requires, you can customize the range of services provided, and have a secure hassle free cloud server running by practicing AWS data security.
2. Contents
1. Introduction to Amazon Web Services.
2. Understanding the benefits of Amazon EC2
3. Factors That Distinguish AWS From Other Vendors
4. Resources and User Policies
5. Managing Encryption keys
6. Protecting Data At Rest And In Transit In AWS
7. Managing Decommissioned Data
3. Amazon Web Services (AWS)
Amazon Web Services (AWS) is a collection of remote computing services
(also called web services) that together make up a cloud computing
platform, offered over the Internet by Amazon.com.
Amazon Web Services provides a highly reliable, scalable, low-cost
infrastructure platform in the cloud that powers hundreds of thousands of
businesses in 190 countries around the world.
The most central and well-known of these services are Amazon EC2 and
Amazon S3. The service is advertised as providing a large computing
capacity (potentially many servers) much faster and cheaper than building a
physical server farm.
4. Understanding The Benefits Of Amazon EC2
Auto Scaling : EC2 has the facility of letting you change the number of
virtual machines you have running at peak time to handle that traffic
more effectively. The EC2 can do this automatically
Return on Investment : Expanding your website, you can choose to
upgrade your server configurations accordingly. This allows for
minimum gap between the demand and supply curve.
Source: http://www.intelligentia.co.in/benefits-of-amazon-ec2/#more-2007
5. Elasticity : EC2, you can then easily collapse the 4 small machines into 1 large
one and change the OS and environment with a click. Eg- 4 small machines with
Linux, and 1 larger machine with Ubuntu.
Increase in Reliability : AWS servers are located in 10 regions and 25
availability zones, so your remote servers are spread out across the globe. Load
Balancer will distribute the load to various availability zones in different
geographic locations so that there is never one single point of failure. This
avoids downtime and ensures reliability.
Source: http://www.intelligentia.co.in/benefits-of-amazon-ec2/#more-2007
6. Factors That Distinguish AWS From Other Vendors
COST
EFFECTIVENESS
FLEXIBILITY
SCALIBILITY
Source: http://www.intelligentia.co.in/importance-of-amazon-web-services-in-cloud-platform/
7. AWS Eliminates On-site
Hardware, Security Becomes
Important. AWS Provides
Services To Tackle All Security
Issues To Data
8. Resource And User Policies
Resource
Resource policies become attached to the resource, and contain
within them the rules of what can be done with the resource.
User Policies
Control what the user has permission to do, either directly or
indirectly through an IAM (Identity And Access Management)
group
9. Choose to restrict access to a specific source IP address range, and
change it on different days to have a suitable level of security.
10. Managing Encryption Keys
AWS Stores Keys In Cryptographic Tamper-proof Storage, And AWS Provides
Such An HSM (Hardware Security Module) Service In The Cloud Itself, Known As
AWS Cloudhsm.
11. Store The Keys On The Premises, Make Sure You Access Them
Over Secure Links Such As The AWS Direct Connect With Ipsec.
12. Protecting Data At Rest And In Transit In AWS
Encrypt Your Data And Perform Data
Security Checks Such As Macs (Message
Authentication Codes) And Hmacs (Hashed
Macs) To Ensure Data Integrity Is Not
Compromised
13. The Amazon DynamoDB provides automatic data replication
between geographically separate Availability Zones
14. Managing
Decommissioned Data
In AWS, the physical
media storing the data
is not
decommissioned.
Instead, the storage
units are marked as
unallocated.
Once the data has
reached the end of its
usefulness, the AWS
uses guidelines
provided by the
Department of
Defence to wipe out
your data.
Decommissioning
process to ascertain
that your data is
irrecoverable, you
could implement data
encryption using
customer managed
keys.
15. Depending on the level of security your business requires, you can
customize the range of services provided, and have a secure
hassle free cloud server running.