Amazon Web Services (AWS) provides a host of dedicated security services that you can use across your environments. Many AWS security services integrate with resources across AWS, and some also support on-premises resources. To ensure coverage is as complete as possible, these services focus on the following areas:
In this article, you will learn:
Below is a breakdown of what security services AWS offers and what purposes those services serve.
Data protection services are required to keep your data secure and ensure that data is not lost during transfer or corrupted in storage. These services typically include features for encryption, data duplication, and data monitoring.
Services offered by AWS include:
Identity services enable you to define credentials, distribute and limit privileges, manage user and application roles, and identify users. These services enable you to control what resources users and applications can access and how they can manipulate them.
Services offered by AWS include:
Infrastructure protection services enable you to manage the security of configurable infrastructure, such as network connections. Most infrastructure in AWS is managed and secured for you, however.
Services offered by AWS include:
Threat detection and monitoring services provide visibility into your deployment operations and help you identify suspicious events. These tools can also help you ensure that performance standards are maintained and provide insight for optimizations.
Services offered by AWS include:
Compliance and data privacy tools enable you to ensure that you are meeting compliance standards and maintain the security of sensitive information. These services require you to understand what regulations apply to your data and what those regulations require.
Services offered by AWS include:
With many services to choose from, it can be difficult to know where to start. Below are four AWS security services that should not be overlooked when implementing your cloud security strategies.
Macie is a service designed to help you monitor how business-critical or sensitive data is used in your environments. It includes features for artificial intelligence that can automatically evaluate user, application, or service activity and detect suspicious events. These features use historical data to create a baseline of known behavior against which new events are compared.
Macie also operates through an integration with CloudTrail. This integration involves Macie evaluating CloudTrail events and errors and assigning each a value on a 1-10 scale. The events and errors that Macie evaluates are defined by default, but you can control which values are evaluated.
IAM is a service that enables you to define user identities and roles in AWS. In this service, you can define and manage privileges to ensure that applications and users have access only to the data they need. The service includes the ability to enable multi-factor authentication (MFA) and integrates with CloudTrail, enabling you to track identity events.
You can also combine this service with AWS Security Token Service (AWS STS) to ensure that sign-ons are as secure as possible through one-time-use tokens. This enables you to easily allow external users and third-party contractors to access your services or data without providing credentials that can be compromised.
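The third-party access pattern above hinges on the trust policy of the role that STS lets the contractor assume. The following is an added example, not code from the article or from AWS: a small check that flags a trust policy which lets any AWS account assume the role or which lacks the sts:ExternalId condition, and shows a weak policy beside a hardened one. The account ID and ExternalId values are placeholders.

```python
import json

# Constructed example trust policies (placeholders, not real account data).
# Weak: any AWS principal may assume the role, and nothing ties the
# session to a particular contractor.
WEAK_TRUST_POLICY = json.dumps({
    "Version": "2012-10-17",
    "Statement": [{
        "Effect": "Allow",
        "Principal": {"AWS": "*"},
        "Action": "sts:AssumeRole",
    }],
})

# Hardened: only the contractor's account (placeholder ID) may assume the
# role, and it must present the agreed ExternalId (placeholder value).
HARDENED_TRUST_POLICY = json.dumps({
    "Version": "2012-10-17",
    "Statement": [{
        "Effect": "Allow",
        "Principal": {"AWS": "arn:aws:iam::111122223333:root"},
        "Action": "sts:AssumeRole",
        "Condition": {"StringEquals": {"sts:ExternalId": "contractor-example-id"}},
    }],
})


def trust_policy_findings(policy_json):
    """Return findings for a role trust policy meant for third-party access."""
    findings = []
    doc = json.loads(policy_json)
    statements = doc.get("Statement", [])
    if isinstance(statements, dict):          # a single statement may be un-listed
        statements = [statements]
    for stmt in statements:
        if stmt.get("Effect") != "Allow":
            continue
        actions = stmt.get("Action", [])
        if isinstance(actions, str):
            actions = [actions]
        if not any(a in ("sts:AssumeRole", "sts:*", "*") for a in actions):
            continue
        principal = stmt.get("Principal", {})
        aws_principal = principal.get("AWS") if isinstance(principal, dict) else principal
        principals = aws_principal if isinstance(aws_principal, list) else [aws_principal]
        if "*" in principals:
            findings.append("wildcard principal: any AWS account could assume this role")
        conditions = stmt.get("Condition", {})
        if not any("sts:ExternalId" in ops for ops in conditions.values()):
            findings.append("no sts:ExternalId condition: confused-deputy risk for third-party access")
    return findings
```

Run the check over each role whose trust policy names an external account; the sessions STS then issues are short-lived, which is what removes the need to hand out long-lived credentials.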
AWS Shield is a service that is designed to help you prevent distributed denial of service (DDoS) attacks. It is available by default for all AWS users at the Standard level. There is also an Advanced level, for a fee, that can provide extra protections.
The Standard version protects against the most common transport layer or network attacks. It also provides extensive protection against all known Layer 3 or 4 attacks for CloudFront and Amazon Route 53 services. The Advanced version adds to the Standard protections, including features for the protection of EC2, Elastic Load Balancer, and Global Accelerator.
AWS Artifact is a service that enables you to download AWS compliance and security documents on-demand. This includes Service Organization Control (SOC) reports, Payment Card Industry (PCI) events, and AWS ISO certifications. Once downloaded, you can use these documents for internal auditing or supply them as proof of compliance.
Through AWS Artifact, you can review, track, and accept AWS agreements and define which accounts are legally allowed to process restricted data. This service integrates with AWS Organizations to enable you to control multiple accounts under a single entity, enabling you to manage agreements more easily.
Gaining visibility over your AWS environment is critical for security. A robust monitoring tool can help you identify anomalies in the environment and alert security teams.
NetApp Cloud Insights is an infrastructure monitoring tool that gives you visibility into your complete infrastructure. With Cloud Insights, you can monitor, troubleshoot and optimize all your resources including your public clouds and your private data centers.
Cloud Insights helps you find problems fast, before they impact your business. You can optimize usage so you can defer spend and do more with limited budgets, detect ransomware attacks before it is too late, and easily report on data access for security compliance auditing.
In particular, NetApp Cloud Insights provides targeted and conditional alerts you can customize precisely. You can use these alerts to surface your most critical threats, addressing issues quickly and effectively.