Written by Paul Campaniello on November 16, 2017
Is Your AWS Environment a Security Risk?
There’s no dispute, AWS offers enterprises huge benefits. But it also could be putting your organization at risk.
Enterprise network security solutions offer unified threat management to protect the on-premises datacenter including access controls. But when you move compute, database, analytics or applications to AWS, does that protection apply to the cloud?
To ensure AWS is secure, you need to manage access from:
- Privileged users
- Third party users (e.g. vendors and contractors)
And that’s where AWS gets complicated. You have two main options:
- Give wide-open access and end up with no accountability/visibility, increased risk of security and a lack of compliance.
- Enforce tightly controlled access and end up with reduced business agility, friction with DevOps and an inefficient approval process.
Consider the following scenario:
Four users access the Amazon environment from a known source.
The challenge is when users try to access from other locations.
So what do you do? There’s a better way that helps to reduce AWS operational complexity and extend enterprise network security to the cloud. It’s called a Software-Defined Perimeter.
A Software-Defined Perimeter gives every user on your network – whether an internal employee or a third-party working for you – an individualized perimeter around themselves and the network resources that they’re allowed to access.
Industry experts are widely accepting the Software-Defined Perimeter security architecture as the next big thing in network security:
- It is easier and less costly to deploy than firewalls, VPN concentrators and other bolt-in technologies. (Gartner)
- SDP enables organizations to provide people-centric, manageable, secure and agile access to networked systems. (Cloud Security Alliance)
- Legacy, perimeter-based security models are ineffective against attacks. Security and risk pros must make security ubiquitous throughout the ecosystem. (Forrester)
Learn more about protecting your AWS environment with a Software-Defined Perimeter here.