Security is an end-to-end process and companies need to build security at every level of the stack, Selipsky said. Examining Amazon’s cloud, you will see that the same security isolations are employed as would be found in a traditional data centre, he said. These include physical data centre security, separation of the network, isolation of the server hardware, and isolation of storage. On the physical data centre side, well before Amazon launched its cloud services, data centres had already become a frequently shared infrastructure. Companies realised that they could benefit by renting space in a data facility rather than building it, added Selipsky. Indeed, citing security fundamentals, Selipsky said:
Regarding the network, networks long ago ceased to be isolated physical islands, Selipsky noted. As companies found the need to connect to other companies, and then the Internet, their networks became connected with public infrastructure. They used special network functionality, such as firewalls and switch configurations, to prevent bad network traffic from getting in or important traffic from leaking out.
“Our security is strong and dug in at the DNA level,” Selipsky said.
Meanwhile, on the hardware side, Amazon Web Services invests significantly in testing and validating the security of its virtual server and storage environment. According to Selipsky, these investments include:
Selipsky also argued that Amazon’s scale allows significantly more investment in security policing and countermeasures than almost any large company could afford themselves. “In fact, we often find that we can improve companies’ security posture when they use AWS,” he said.
“Take the example lots of CIOs worry about – the rogue server under a developer’s desk running something destructive or that the CIO doesn’t want running. Today, it’s really hard (if not impossible) for CIOs to know how many orphans there are and where they might be. With AWS, CIOs can make a single API call and see every system running in their VPC [Virtual Private Cloud]. No more hidden servers under the desk or anonymously placed servers in a rack and plugged into the corporate network.
Finally, AWS is SAS-70 certified; ISO 27001 and NIST are in process, Selipsky said.
Elon Musk firm touts cheaper EV models, as profits slump over 50 percent in the…
Bad news for Tim Cook, as Counterpoint records 19 percent fall in iPhone sales in…
TikTok pledges to challenge 'unconstitutional' US ban in the courts, after President Joe Biden signs…
British regulator invites feedback on major partnerships Microsoft and Amazon have struck with smaller AI…
Another 20 staff have been fired by Google over Israel protest and their “completely unacceptable…
Censorship row brewing down under, after the Australian Prime Minister calls Elon Musk an 'arrogant…