Tag: Cloud Secuirty

Google Cloud Platform (GCP) Security

Most of the organizations are either started using cloud services or migrating to the cloud. First and the most important decision-making point before migrating the applications to the cloud is, how this transformation will impact the data security and compliance to the applicable regulatory requirements to my business?

Most of the prominent cloud service providers like Google (GCP), Amazon (AWS) and Microsoft (Azure), understand the importance of providing the compliance and assuring the data security for the clients. These cloud providers provide security solutions either as a part of a package or available in the market place for clients to pick and choose the technologies that assures the integration with other infrastructure components of the cloud. Continue reading “Google Cloud Platform (GCP) Security”

Security Features – AWS and Azure

The rapid changes in technology have profoundly changed how we interact, communicate and live our day to day life. This has also drastically changed the way business and governments are providing services to consumers and citizens.

Inter connectedness and mobility has significantly changed the consumer expectations, regulators are trying to impose compliance requirements to protect citizen’s data as we well as national critical infrastructure.

The fierce competition to get products to the market as fast as one can have become a mandate to retain consumer loyalty.  Businesses are under tremendous pressure to keep the services cost as low as they can and have the flexibility to scale up and down with short notice. This is where cloud services are playing a major role. the major tasks is evaluating the security provided at two layers, first is security for the cloud and second security in the cloud.

The major task while selecting cloud services provider is evaluating the security at two layers, first is security for the cloud and second security in the cloud.

  1. Security for the cloud
  2. Security in the cloud

Security for the cloud covers the security up to the hypervisor level. This includes security of the hardware operating system, network access controls for the environment used for providing the cloud services. Providing this security is a responsibility of Cloud service provider.

Security in the cloud is the security that is required for protecting the application, data that is hosted in the cloud. A responsibility of this layer of security varies as per the service type. For details please refer Cloud Security Alliance (CSA) guide.

While designing the security, one needs to understand features provided as a part of service and additional security tools/technologies that need to be deployed and additional security services to subscribe for complying with the regulatory requirements and keep the risks as low as possible.

In this article, we have provided details of the security features from two major cloud services providers Amazon Web Services (AWS) and Microsoft Azure. Hope this information helps you get started.

Security Feature AWS Azure
Access Control – Authentication and Authorization Identity and Access Management (IAM) Azure Active Directory
Directory Services AWS Directory Service Azure Active Directory

Azure Active Directory B2C

Azure Active Directory Domain Service

Azure Active Directory Multifactor Authentication

Multifactor Authentication AWS MFA Azure Multifactor Authentication
Security Assessment service Amazon Inspector Azure Security Center
SSL Certificates Amazon Certificate manager App Service Certificate
Hardware Security Manager AWS Cloud HSM Azure Key Vault
Encryption Key Management AWS Key Management Service Azure KeyVault
Consolidated Multiple Cloud Account Management AWS Organization Not Available at this point in time
DDOS protection AWS Shield Add on from  Azure Market Place
Web Application Firewalls AWS WAF Azure WAF
Security & Compliance  AWS Artifacts Azure Security and Compliance
Web and Mobile Authentication Service Amazon Cognito Azure Mobile SDK,Offline/Sync
Disaster Recovery AWS Disaster Recovery Azure Site Recovery

Azure Backup

Security Advisor AWS Trusted Advisor Azure Advisor
Configuration Inventory AWS Config. Azure portal(audit logs)
Logging and Security Monitoring Amazon CloudWatch

AWS CloudTrail

Log Analytics

Azure Portal

Application Insights

 

Private Connectivity AWS Direct Connect Azure Express Route
Network Gateway Amazon VPN Azure VPN Gateway
Virtual Private Network Amazon VPC Azure VNet
Antivirus / Antimalware  Antivirus for Gust OS is add on from AWS Market Place Microsoft Antimalware for Azure Cloud Services & virtual machines
Information Protection Solution from Market place Azure Information Protection
Data Privacy protection AWS Privacy protection Microsoft Trust Center

 

Note – This information is as per the best knowledge of author and subject to change.

Categories

Archives




Subscribe to Blog via Email

Tags

May 2018
M T W T F S S
« Dec    
 123456
78910111213
14151617181920
21222324252627
28293031  

GiottoPress by Enrique Chavez