BFSI-solution architect 

Blog - Cloud Architecture

Enabling the transformation of dreams into digital reality within the Banking, Financial Services, and Insurance sector.

Beyond the Cloud: Understanding Your Role in Securely Running Applications on AWS

 

Security and compliance in the AWS shared responsibility model is a joint effort between AWS and the customer, with each party responsible for different aspects. Here's a breakdown:

 

AWS responsibility ("Security of the Cloud")

  • Securing the underlying infrastructure: This includes the hardware, software, networking, and facilities that run AWS services.
  • Implementing baseline security controls: AWS implements a variety of security controls, such as encryption, access control, and logging, to protect the infrastructure.
  • Patching and updating systems: AWS is responsible for patching and updating the underlying infrastructure to address vulnerabilities.

 

Customer responsibility ("Security in the Cloud")

  • Securing their applications and data: This includes things like choosing secure configurations for AWS services, managing access to data, and implementing security best practices for their applications.
  • Meeting compliance requirements: Customers are responsible for ensuring their use of AWS complies with any relevant laws and regulations.
  • Monitoring and managing security events: Customers should monitor their AWS environment for security events and take appropriate action to respond to them.

 

It's important to remember that the shared responsibility model is not a 50/50 split. AWS takes on the heavy lifting of securing the underlying infrastructure, while customers are responsible for securing their own applications and data. This allows customers to focus on building and running their applications, while still benefiting from the security of the AWS platform.