Anand Raval
DAY 04 :πŸ”’ Navigating AWS Security & Compliance: A Shared Responsibility Model πŸ›‘οΈ

DAY 04 :πŸ”’ Navigating AWS Security & Compliance: A Shared Responsibility Model πŸ›‘οΈ

Anand Raval's photo
Anand Raval
Β·

2 min read

Table of contents

Security and Compliance

β†’ AWS Shared Responsibility Model

In traditional non-cloud-based deployments, all aspects of security are owned by you

  1. Securing data center

  2. Securing network and connectivity

  3. Securing servers

  4. Securing and patching operating systems

  5. Securing application code so it isn’t susceptible to exploits and vulnerabilities Security in the cloud is a team effort between you and Amazon The Shared Responsibility model outlines the role that AWS and you, as the customer, play when it comes to security. (Who is responsible for what?)

Note:

➒ Unmanaged services need to be secured by users.

➒ Managed services offload some of the security responsibilities of a service on AWS. Compliance

  1. Organizations in specific industries must adhere to certain rules and guidelines specific to that industry (Finance, Health, Federal Government).

  2. Compliance and regulatory frameworks are sets of guidelines and best practices. Organizations follow these guidelines to meet regulatory requirements, improve processes, strengthen security, and achieve other business goals.

  • Healthcare industry – HIPAA/HITECH

  • Payment card industry – PCI DSS

  1. Compliance is a shared responsibility between customers and AWS.

  2. AWS undergoes certifications, reviews, and audits by various governing bodies.

  3. These audit reports are made available to customers using AWS Artifact. Artifact allows customers to review and accept agreements to maintain compliance

β†’ AWS Compliance Center

AWS Compliance Center is a central location to research cloud-related regulatory requirements and assess their impact on your industry

  1. Identify regulatory requirements

  2. Browse country-specific lAWS/requirements

  3. Discover how companies in various industries solve compliance, governance challenges

  4. Use AWS to answer key compliance questions

  5. Get an audit and security checklist

  6. Reference architectures with best practices

    ● AWS Audit Manager continuously collects data to prepare for audits and ensures that you are achieving compliance with regulatory standards. It helps build audit-ready reports.

    ● It tracks how the resource is configured and records the previous configuration states, so you can see how the configs for it have changed over time.

Thankyou for reading !!!!!

AWSCloudCloud ComputingAmazon Web Servicesaws lambda
Β