Cloud computing is a key player in the storage and computation of images, documents, and other data. Cloud providers are continually growing in popularity because of the increased demand for their services. AWS, Azure, and GCP are just a few of the most popular cloud service providers.
AWS:
AWS, or “Amazon Web Services”, is one of the most prominent cloud computing providers in the world. It offers many services, including computation, storage, networking, and database. AWS holds the largest share of cloud computing market, with Azure and GCP close behind. After being launched in 2002, AWS was relaunched in 2006. SoundCloud, University of Maryland (USA), Department of Defense (USA), British Gas, and many others are some of AWS’s customers.
Let’s take a closer look at AWS security:
AWS security deals in two areas: ‘Security of the Cloud’ and ‘Security within the Cloud’.
“Security in the cloud” refers to the security of data centers, compliance regulations for data stored, and mitigating DDoS attacks on data centers.
“Security in cloud” covers identity and access management, incident response, infrastructure protection, and data protection.
Azure:
Microsoft Azure is another cloud computing platform that can be used to deploy applications on the cloud. Microsoft Azure offers SaaS (Software as an Service), PaaS(Platform as a Service) and IaaS [Infrastructure As a Service]. It was originally launched in February 2010 under the name Windows Azure, but was renamed to its current name in 2014.
Microsoft Azure customers include Coca-cola and FedEx, FedEX, Chevron, Daimler and NBA.
Microsoft Azure implements security by seperating it into six functional areas: Operations, Application Storage, Networking and Compute, Compute, Identity, Networking, Storage, Networking, Computing, Compute, and Identity.
Here are some ways security can be implemented in AWS or Azure
AWS SecurityAzure SecurityIdentity Management and Access Management
AWS Services that can help implement IAM:
AWS Secrets Manager
AWS Single Sign on
AWS STS
AWS Directory service
AWS organizations
Azure Active directory
Only one sign
multi-factor authentication
Controls for detection
These AWS services can be used for monitoring and logging
Amazon GuardDuty
AWS Trusted advisor
Logs for Amazon VPC Flow
AWS Security Hub
Azure Monitor logs
Azure Security Center (monitors traffic, collects and analyzes data for threats).
Protection of infrastructure
AWS System Manager
AWS Firewall Manager
AWS Direct Connect
AWS Cloud Formation
The following protects customer data:
Hypervisor firewall
Firewall for native host
Host firewall
Data protection
Client side encryption
Server side encryption
AWS Cloud HSM
Amazon S3 glacier
AWS certificate manager
Amazon Macie
Rest encryption of data
Data encryption in transit
Azure Disk encryption
Azure Key Vault Key Management
Incident response
APIs for automating incident response
AWS CloudFormation
Performing forensics
The Security Incident Response team follows Security Incident Response’s lifecycle.
Detect
Assess
Diagnose
Stabilize/Recover
Close
We were able to see some of the features that AWS Security and Azure Security have. Both are keen to protect the data of their customers in cloud storage, but they each have their own methods and tools.
There are no clear answers to the question “AWS Security or Microsoft Azure – which is better?”. It is a constant battle that keeps moving in one direction or another!
Contact us today to learn more about getting certified in AWS Security and Azure Security!