Open In App

Security Model of AWS Cloud

Last Updated : 02 Nov, 2023
Like Article

The security model of the AWS cloud aims to deliver Confidentiality, Availability, and Integrity of data. It is been said that Cloud computing is secure and AWS provides complete data protection. But have you ever thought if AWS provides data security and protection then why companies on cloud hire security professionals? If not, then This article will help you to understand the concept of security in AWS.

Amazon cloud services use a special security model termed as a shared security model. It is also known as the Shared responsibility model

What is the AWS Shared security model?

AWS security model

The shared security model of AWS makes sure that both the AWS and customer using their cloud service should be equally responsible for securing the data on the cloud. In this model, Amazon takes responsibility to secure the cloud infrastructure and the customer’s responsibility is to secure the deployed application and related workload.

Role of AWS:

AWS secures the global infrastructure of the cloud. This global infrastructure consists of the hardware and software, i.e. the physical level security. AWS also manages the availability zones and edge locations. 

  • Network Security with built-in firewalls, DDoS Mitigation, and TLS.
  • Encryption features for adding an additional layer of security on databases & storage.
  • Access management policies like Identity access management, custom permissions, etc.
  • Monitor activities and logs.
  • AWS performs audits compliant with various security guidelines and practices in accordance with different and multiple standards.

Role of customer: 

Different customers have different responsibilities as it depends on the type of service they are using.

  • The logical configuration of services needs to be done from the client-side.
  • Setting up accounts with Strong credentials.
  • Awareness and training of their employees who will be using the cloud.
  • Setting up only the minimum required permissions for users and IAM policies.
  • Defining rules for firewalls and VPNs

Since responsibilities are divided among AWS and the customers, Companies have to hire security professionals.

Like Article
Suggest improvement
Share your thoughts in the comments

Similar Reads