hamburger icon close icon

Types of AWS Security Services: How to Choose?

What are AWS Security Services?

Amazon Web Services (AWS) provides a host of dedicated security services that you can use across your environments. Many AWS security services integrate with resources across AWS and some also support on-premises resources. To ensure as complete coverage as possible, these services focus on the following areas:

  • Data protection—services to help you secure data, workloads, and accounts from unauthorized users. These services include encryption, access restrictions, and key management.
  • Identity and access management—services to help you define and restrict user and service privileges. These services include access controls.
  • Infrastructure protection—services to help you protect networks and endpoints. These services include traffic filtering, access controls, and IP restrictions.
  • Threat detection and continuous monitoring—services to help you identify threats and track system events. These services include alerting, logging, and behavior analytics.
  • Compliance and data privacy—services to help audit and enforce compliance and privacy measures. These services include automated compliance checks and encryption.

In this article, you will learn:

AWS Security Services: An Overview

Below is a breakdown of what security services AWS offers and what purposes those services serve.

Data Protection

Data protection services are required to keep your data secure and ensure that data is not lost during transfer or corrupted in storage. These services typically include features for encryption, data duplication, and data monitoring.

Services offered by AWS include:

  • AWS Secrets Manager
  • AWS Certificate Manager
  • AWS CloudHSM (hardware security module)
  • AWS Key Management Service (KMS)
  • Amazon Macie

Identity and Access Management

Identity services enable you to define credentials, distribute and limit privileges, manage user and application roles, and identify users. These services enable you to control what resources users and applications can access and how they can manipulate them.

Services offered by AWS include:

  • AWS Single Sign-On (SSO)
  • Amazon Cognito
  • AWS Resource Access Manager
  • AWS Directory Service
  • AWS Identity and Access Management (IAM)

Infrastructure Protection

Infrastructure protection services enable you to manage the security of configurable infrastructure, such as network connections. Most infrastructure in AWS is managed and secured for you, however.

Services offered by AWS include:

  • AWS Firewall Manager
  • AWS Web Application Firewall (WAF)
  • AWS Shield

Threat Detection and Continuous Monitoring

Threat detection and monitoring services provide visibility into your deployment operations and help you identify suspicious events. These tools can also help you ensure that performance standards are maintained and provide insight for optimizations.

Services offered by AWS include:

  • AWS CloudTrail
  • Amazon Inspector
  • AWS Security Hub
  • AWS Config
  • Amazon GuardDuty
  • AWS IoT Device Defender

Compliance and Data Privacy

Compliance and data privacy tools enable you to ensure that you are meeting compliance standards and maintain the security of sensitive information. These services require you to understand what regulations apply to your data and what those regulations require.

Services offered by AWS include:

  • AWS Artifact

Related content: read our guide to AWS security best practices 

Spotlight on 4 AWS Security Services You Should Know About

With many services to choose from, it can be difficult to know where to start. Below are four AWS security services that should not be overlooked when implementing your cloud security strategies.

1. Event Insights with Amazon Macie

Macie is a service designed to help you monitor how business-critical or sensitive data is used in your environments. It includes features for artificial intelligence that can automatically evaluate user, application, or service activity and detect suspicious events. These features use historical data to create a baseline of known behavior against which new events are compared.

Macie also operates through an integration with CloudTrail. This integration involves Macie evaluating CloudTrail events and errors and assigning each a value according to a 1-10 scale.The events and errors that Macie evaluates are defined by default but you can control which values are evaluated.

2. Data Protection with AWS IAM

IAM is a service that enables you to define user identities and roles in AWS. In this service, you can define and manage privileges to ensure that applications and users only have access to only necessary data. The service includes the ability to enable multi-factor authentication (MFA) and integrates with CloudTrail, enabling you to track identity events.

You can also combine this service with AWS Security Token Service (AWS STS) to ensure that sign ons are as secure as possible through one time use tokens. This enables you to easily allow external users and third-party contractors to access your services or data without providing credentials that can be compromised.

3. Network Protection with AWS Shield

AWS Shield is a service that is designed to help you prevent direct denial of service (DDoS) attacks. It is available by default for all AWS users at the Standard level. There is also an Advanced level for a fee that can provide extra protections.

The Standard version protects against the most common transport layer or network attacks. It also provides extensive protection against all known Layer 3 or 4 attacks for CloudFront and Amazon Route 53 services. The Advanced version adds to the Standard protections, including features for the protection of EC2, Elastic Load Balancer, and Global Accelerator.

4. Data Compliance with AWS Artifact

AWS Artifact is a service that enables you to download AWS compliance and security documents on-demand. This includes Service Organization Control (SOC) reports, Payment Card Industry (PCI) events, and AWS ISO certifications. Once downloaded, you can use these documents for internal auditing or supply them as proof of compliance.

Through AWS Artifact, you can review, track, and accept AWS agreements and define which accounts are legally allowed to process restricted data. This service integrates with AWS Organizations to enable you to control multiple accounts under a single entity, enabling you to manage agreements more easily.

Enhancing AWS Security with NetApp Cloud Insights

Gaining visibility over your AWS environment is critical for security. A robust monitoring tool can help you identify anomalies in the environment and alert security teams.

NetApp Cloud Insights is an infrastructure monitoring tool that gives you visibility into your complete infrastructure. With Cloud Insights, you can monitor, troubleshoot and optimize all your resources including your public clouds and your private data centers.

Cloud Insights helps you find problems fast before they impact your business. Optimize usage so you can defer spend, do more with your limited budgets, detect ransomware attacks before it’s too late and easily report on data access for security compliance auditing.

In particular, NetApp Cloud Insights provides targeted and conditional alerts you can customize precisely. You can use these alerts to surface your most critical threats, addressing issues quickly and effectively.

New call-to-action