1 Introduction to AWS Security
This chapter covers
- Understanding the Shared Responsibility Model
- Using AWS Native Security Services
- Adapting to working in the Cloud
The public cloud is growing fast, and AWS is a huge part of that. There seems to be an endless stream of blog posts and whitepapers and case studies about companies moving to AWS. I'm sure you've heard the common refrains about high-availability, pay-for-use, and rapid development. Of all the reasons we've heard for moving to the cloud, the most contentious one is security.
Is it really more secure to run your applications on AWS? Some people seem to think so, like Rob Alexander, CIO of Capital One, who believes they can "operate more securely in the public cloud than we can in our own data centers." This is particularly powerful coming from a bank, which certainly has a lot of money riding on getting security right. And there are several other banks running workloads on AWS as well like JPMorgan Chase and National Bank of Canada.