The rapid changes in technology have profoundly changed how we interact, communicate and live our day to day life. This has also drastically changed the way business and governments are providing services to consumers and citizens.
Inter connectedness and mobility has significantly changed the consumer expectations, regulators are trying to impose compliance requirements to protect citizen’s data as we well as national critical infrastructure.
The fierce competition to get products to the market as fast as one can have become a mandate to retain consumer loyalty. Businesses are under tremendous pressure to keep the services cost as low as they can and have the flexibility to scale up and down with short notice. This is where cloud services are playing a major role. the major tasks is evaluating the security provided at two layers, first is security for the cloud and second security in the cloud.
The major task while selecting cloud services provider is evaluating the security at two layers, first is security for the cloud and second security in the cloud.
- Security for the cloud
- Security in the cloud
Security for the cloud covers the security up to the hypervisor level. This includes security of the hardware operating system, network access controls for the environment used for providing the cloud services. Providing this security is a responsibility of Cloud service provider.
Security in the cloud is the security that is required for protecting the application, data that is hosted in the cloud. A responsibility of this layer of security varies as per the service type. For details please refer Cloud Security Alliance (CSA) guide.
While designing the security, one needs to understand features provided as a part of service and additional security tools/technologies that need to be deployed and additional security services to subscribe for complying with the regulatory requirements and keep the risks as low as possible.
In this article, we have provided details of the security features from two major cloud services providers Amazon Web Services (AWS) and Microsoft Azure. Hope this information helps you get started.
Note – This information is as per the best knowledge of author and subject to change.