Cloud Security Comparisons between AWS and Azure
By Abdul Khan
Author
• Abdul Khan
• IT Consultant based in Manchester, UK
• Engineering Lead, Executive, Technologist, Architect
• IT experience within the private and public sectors (Retail, Banking, Digital, Insurance, M.O.D., HMRC, Aviation, Telecommunication, Housing Associations, Education, Travel, and Pharmaceutical companies). Excellent architectural and strong DevOps experience with a proven track record of delivering E2E, B2B and B2C solutions on regional and global programmes.
• SME specialising in integration, data migration and digital transformation to cloud solutions (Azure and AWS)
• Wealth of experience in global projects across EMEA, ASPAC and LATAM
• LinkedIn profile: https://www.linkedin.com/in/abdul-khan-uk/
Content
1. Key Areas of Cloud SaaS Security Patterns
2. Security Comparisons between AWS and Azure: Compliance and Regulatory
3. Security Comparisons between AWS and Azure: Identity Authentication and Authorisation
4. Security Comparisons between AWS and Azure: Secure Development, Operation and Administration
5. Security Comparisons between AWS and Azure: Privacy and Confidentiality
6. Security Comparisons between AWS and Azure: Secure Architecture
Security Comparisons between AWS and Azure
1. Key Areas of Cloud SaaS Security Patterns
Cloud Security Patterns
Compliance and Regulatory Patterns
• Data Citizenship
• Cryptographic Erasure
• Shared Responsibility Model
• Compliant Data Transfer
• Data Retention
• Data Lifecycle
• Intentional Data Remanence
Identity Authentication and Authorisation Patterns
• Multi-Factor Authentication
• Federation (Single Sign-On)
• Access Token
• Mutual Authentication
• Secure User Onboarding
• Identity and Access Manager
• Per-request Authentication
• Access Control Clearance
Secure Development, Operation and Administration Patterns
• Bastion Server
• Automated Threat Detection
• Durable Availability
• Economic Durability
• Vulnerability Management
Privacy and Confidentiality Patterns
• End-to-End Security
• Computation on Encrypted Data
• Data Anonymisation
• Process Purpose Control
Secure Architecture Patterns
• Virtual Network
• Web Application Firewall
• Secure Element
• Secure Cold Storage
• Certificate and Key Manager
• Hardware Security Module
• Secure Auditing
2. Security Comparisons between AWS and Azure: Compliance and Regulatory
Category: Compliance and Regulatory

Pattern | Solution in AWS | Solution in Azure
Data Citizenship | Use AWS location tags to designate the location for data processing | Azure information and location tags; Azure Front Door service
Cryptographic Erasure | Use AWS KMS | Use Azure Key Vault
Shared Responsibility Model | AWS provides different services to protect data and systems. AWS is only responsible for the availability and basic security of the cloud platform | Azure provides different services to protect data and systems. Azure is only responsible for the availability and basic security of the cloud platform
Compliant Data Transfer | AWS location tag | Azure location tag
Data Retention | Data retention policies can be defined and executed by AWS (e.g. Lambda) | Azure provides the option to define a data retention policy in the database system
Data Lifecycle | AWS Data Lifecycle Manager | Azure Blob Storage lifecycle management
Intentional Data Remanence | Database (e.g. DynamoDB) | Database (e.g. Azure Database backup)
3. Security Comparisons between AWS and Azure: Identity Authentication and Authorisation
Category: Identity Authentication and Authorisation

Pattern | Solution in AWS | Solution in Azure
Multi-Factor Authentication | AWS | Azure
Federation (Single Sign-On) | AWS SSO (Single Sign-On) | Azure AD Seamless Single Sign-On
Access Token | AWS SSO (Single Sign-On) | Azure AD Seamless Single Sign-On
Mutual Authentication | AWS TLS/SSL certificates; certificate features of API Gateway (AWS Client VPN) | Azure App Service
Secure User Onboarding | AWS customer onboarding | Azure Security Centre
Identity and Access Manager | AWS IAM and Cognito | Azure API Management & REST API authentication
Per-request Authentication | AWS signing and authenticating REST requests | Azure API Management & REST API authentication
Access Control Clearance | AWS CloudWatch and AWS Cognito/IAM | Azure Access Control Service
4. Security Comparisons between AWS and Azure: Secure Development, Operation and Administration
Category: Secure Development, Operation and Administration

Pattern | Solution in AWS | Solution in Azure
Bastion Server | AWS bastion host | Azure Bastion host
Automated Threat Detection | AWS GuardDuty | Azure Advanced Threat Protection
Durable Availability | AWS CloudWatch, AWS WAF | Azure Web Application Firewall & Application Gateway firewall
Economic Durability | AWS CloudWatch | Azure Monitor
Vulnerability Management | AWS vulnerability scanning | Vulnerability scanning in Azure Security Centre
5. Security Comparisons between AWS and Azure: Privacy and Confidentiality
Category: Privacy and Confidentiality

Pattern | Solution in AWS | Solution in Azure
End-to-End Security | AWS KMS, AWS Certificate Manager | Azure Key Vault
Computation on Encrypted Data | N/A | N/A
Data Anonymisation | Anonymisation algorithms can be defined and run by AWS modules | Azure Dynamic Data Masking on SQL databases
Process Purpose Control | N/A | N/A
6. Security Comparisons between AWS and Azure: Secure Architecture
Category: Secure Architecture

Pattern | Solution in AWS | Solution in Azure
Virtual Network | AWS Virtual Private Cloud (VPC) | Azure Virtual Network
Web Application Firewall | AWS WAF | Azure Application Gateway WAF
Secure Element | AWS IoT Device Management | Azure IoT Hub & IoT Suite
Secure Cold Storage | AWS Glacier | Azure cold Blob Storage
Certificate and Key Manager | AWS Certificate Manager and Key Management Service (AWS KMS) | Azure Key Vault
Hardware Security Module | AWS CloudHSM | Azure Dedicated HSM
Secure Auditing | AWS auditing security checklist | Azure Monitor, Stream, Network Watcher
- END OF DECK
By Abdul Khan – https://www.linkedin.com/in/abdul-khan-uk/