Security is an end-to-end process and companies need to build security at every level of the stack, Selipsky said. Examining Amazon’s cloud, you will see that the same security isolations are employed as would be found in a traditional data centre, he said. These include physical data centre security, separation of the network, isolation of the server hardware, and isolation of storage. On the physical data centre side, well before Amazon launched its cloud services, data centres had already become a frequently shared infrastructure. Companies realised that they could benefit by renting space in a data facility rather than building it, added Selipsky. Indeed, citing security fundamentals, Selipsky said:
Regarding the network, networks long ago ceased to be isolated physical islands, Selipsky noted. As companies found the need to connect to other companies, and then the Internet, their networks became connected with public infrastructure. They used special network functionality, such as firewalls and switch configurations, to prevent bad network traffic from getting in or important traffic from leaking out.
“Our security is strong and dug in at the DNA level,” Selipsky said.
Meanwhile, on the hardware side, Amazon Web Services invests significantly in testing and validating the security of its virtual server and storage environment. According to Selipsky, these investments include:
Selipsky also argued that Amazon’s scale allows significantly more investment in security policing and countermeasures than almost any large company could afford themselves. “In fact, we often find that we can improve companies’ security posture when they use AWS,” he said.
“Take the example lots of CIOs worry about – the rogue server under a developer’s desk running something destructive or that the CIO doesn’t want running. Today, it’s really hard (if not impossible) for CIOs to know how many orphans there are and where they might be. With AWS, CIOs can make a single API call and see every system running in their VPC [Virtual Private Cloud]. No more hidden servers under the desk or anonymously placed servers in a rack and plugged into the corporate network.
Finally, AWS is SAS-70 certified; ISO 27001 and NIST are in process, Selipsky said.
Meta Platforms announces plan to build Project Waterworth, a 50,000 km cable linking five continents…
Scammers take in record crypto revenues in 2024 driven by romance scams, generative AI, growing…
TSMC considers taking controlling stake in Intel's US factories under Trump administration proposal to safeguard…
Meta to invest heavily in consumer humanoid robots to carry out tasks within users' homes,…
Nokia's $2.3bn Infinera buy set to make company world's second-biggest vendor of optical networking gear…
New US administration seeks to renegotiate some existing Chips Act contracts over companies' links to…