While the cloud infrastructure is secured and maintained by AWS, customers are responsible for security of everything they put in the cloud.
The customer is
responsible for what is implemented by using AWS services and for the
applications that are connected to AWS. The security steps that you must take
depend on the services that you use and the complexity of your system.
Customer
responsibilities include selecting and securing any instance operating systems,
securing the applications that are launched on AWS resources, security group
configurations, firewall configurations, network configurations, and secure
account management.
When customers use AWS
services, they maintain complete control over their content. Customers are
responsible for managing critical content security requirements, including:
•
What content they choose to store on AWS
•
Which AWS services are used with the content
•
In what country that content is stored
•
The format and structure of that content and whether
it is masked, anonymized, or encrypted
•
Who has access to that content and how those access
rights are granted, managed, and revoked
Customers retain
control of what security they choose to implement to protect their own data,
environment, applications, IAM configurations, and operating systems.
No comments:
Post a Comment