AWS is responsible for security of the cloud. But what does that mean?

Under the AWS shared responsibility model, AWS operates, manages, and controls the components from the bare metal host operating system and hypervisor virtualization layer down to the physical security of the facilities where the services operate. It means that AWS is responsible for protecting the global infrastructure that runs all the services that are offered in the AWS Cloud. The global infrastructure includes AWS Regions, Availability Zones, and edge locations.

AWS is responsible for the physical infrastructure that hosts your resources, including:
• Physical security of data centers with controlled, need-based access; located in nondescript facilities, with 24/7 security guards; two-factor authentication; access logging and review; video surveillance; and disk degaussing and destruction.
• Hardware infrastructure, such as servers, storage devices, and other appliances that AWS relies on.
• Software infrastructure, which hosts operating systems, service applications, and virtualization software.
• Network infrastructure, such as routers, switches, load balancers, firewalls, and cabling. AWS also continuously monitors the network at external boundaries, secures access points, and provides redundant infrastructure with intrusion detection.

Protecting this infrastructure is the top priority for AWS. While you cannot visit AWS data centers or offices to see this protection firsthand, Amazon provides several reports from third-party auditors who have verified its compliance with a variety of computer security standards and regulations.