Amazon Web Services Inc. (AWS), an Amazon.com company, announced Tuesday three new services and capabilities that make it easier for customers to build and operate securely.
Amazon Detective is a new security service that makes it easy for customers to conduct faster and more efficient investigations into security issues across their workloads (available in preview).
AWS IAM Access Analyzer is a new AWS Identity and Access Management (IAM) capability that makes it simple for security teams and administrators to audit resource policies for unintended access, currently available.
AWS Nitro Enclaves is a new Amazon EC2 capability that makes it easy for customers to process highly sensitive data by partitioning compute and memory resources within an instance to create an isolated compute environment, set to be available in preview early next year.
AWS is architected to deliver secure and flexible cloud computing environment. Many of security-minded organizations trust AWS with their sensitive workloads, which in turn means that all AWS customers benefit from rapidly evolving infrastructure and services designed to meet the most exacting standards for security and compliance.
AWS has taken away much of the undifferentiated heavy lifting associated with enterprise computing, and customers have asked for similar efficiencies in how they go about building and operating securely in the cloud.
AWS has continuously introduced new capabilities that help customers achieve greater security, including services like Amazon GuardDuty (which continuously monitors for threats to a customer’s accounts and workloads), Amazon Inspector (which assesses application hosts for vulnerabilities and deviations from best practices), Amazon Macie (which uses machine learning to discover, classify, and protect sensitive data), and AWS Security Hub (a unified security and compliance center).
AWS has also delivered a slew of native features like Amazon S3 Block Public Access that help customers use core services more securely, and technological innovations like the AWS Nitro System that enhance the inherent security of customer instances by moving virtualization and security functions to dedicated hardware and software.
Amazon Detective, IAM Access Analyzer, and AWS Nitro Enclaves will help in reducing the amount of custom engineering required to meet security and compliance needs, allow security teams to be more efficient and confident when responding to issues, and make it easier for customers to manage access to AWS resources.
“Amazon S3 is one of the most popular cloud storage solutions, but because of human error it’s historically been a bit of a security liability,” said Sean Roberts, general manager of public cloud at Ensono, a hybrid IT services provider. "Over the last few years, hundreds of well-known organizations have suffered data breaches as a direct result of an incorrect S3 configuration – where buckets have been set to public when they should have been private.”
“When sensitive data is unintentionally exposed online, it can damage an organization’s reputation and lead to serious financial implications. In real terms, this sensitive data is often usernames and passwords, compromising not only the business but its customers too,” Roberts added. “Access Analyzer will be a welcome addition to S3, and will help businesses all over the world audit their storage for misconfigurations and leaky buckets.”
No comments:
Post a Comment