Mastering AWS Security by Albert Anthony
Author:Albert Anthony
Language: eng
Format: mobi, epub
Tags: COM088000 - COMPUTERS / System Administration / General, COM043050 - COMPUTERS / Security / Networking, COM091000 - COMPUTERS / Cloud Computing
Publisher: Packt
Published: 2017-10-26T07:30:15+00:00
Data Security in AWS
Data security in the AWS platform can be classified into two broad categories:
Protecting data at rest
Protecting data in transit
Furthermore, data security has the following components that help in securing data in multiple ways:
Data encryption
Key Management Services (KMS)
Access control
AWS service security features
AWS provides you with various tools and services to secure your data in AWS when your data is in transit or when your data is at rest. These tools and services include resource access control using AWS Identity and Access Management (IAM), data encryption, and managed KMS, such as AWS KMS for creating and controlling keys used for data encryption. The AWS KMS provides multiple options for managing your entire Key Management Infrastructure (KMI). Alternatively, you also have the option to go with the fully managed AWS CloudHSM service, a cloud-based hardware security module (HSM) that helps you generate and use your own keys for encryption purpose.
AWS recently launched a new security service to protect your sensitive data by using machine learning algorithms; this service is called Amazon Macie. As of now, it offers security for all data stored in your Amazon Simple Storage Service (S3).
If you want to protect your data further due to business or regulatory compliance purposes, you can enable additional features for accidental deletion of data such as the versioning feature in AWS S3, MFA for accessing and deleting data, enable cross-region replication for more than one copy of your data in AWS S3, and so on.
All data storage and data processing AWS services provide multiple features to secure your data. Such features include data encryption at rest, data encryption in transit, MFA for access control and for deletion of data, versioning for accidental data deletion, granular access control and authorization policies, cross-region replication, and so on.
Download
This site does not store any files on its server. We only index and link to content provided by other sites. Please contact the content providers to delete copyright contents if any and email us, we'll remove relevant links or contents immediately.
| Disaster & Recovery | Email Administration |
| Linux & UNIX Administration | Storage & Retrieval |
| Windows Administration |
Sass and Compass in Action by Wynn Netherland Nathan Weizenbaum Chris Eppstein Brandon Mathis(7778)
Grails in Action by Glen Smith Peter Ledbrook(7696)
Configuring Windows Server Hybrid Advanced Services Exam Ref AZ-801 by Chris Gill(6553)
Azure Containers Explained by Wesley Haakman & Richard Hooper(6540)
Running Windows Containers on AWS by Marcio Morales(6069)
Kotlin in Action by Dmitry Jemerov(5063)
Microsoft 365 Identity and Services Exam Guide MS-100 by Aaron Guilmette(4910)
Combating Crime on the Dark Web by Nearchos Nearchou(4491)
Management Strategies for the Cloud Revolution: How Cloud Computing Is Transforming Business and Why You Can't Afford to Be Left Behind by Charles Babcock(4414)
Microsoft Cybersecurity Architect Exam Ref SC-100 by Dwayne Natwick(4325)
The Ruby Workshop by Akshat Paul Peter Philips Dániel Szabó and Cheyne Wallace(4164)
The Age of Surveillance Capitalism by Shoshana Zuboff(3948)
Python for Security and Networking - Third Edition by José Manuel Ortega(3731)
Learn Windows PowerShell in a Month of Lunches by Don Jones(3508)
The Ultimate Docker Container Book by Schenker Gabriel N.;(3402)
Mastering Python for Networking and Security by José Manuel Ortega(3344)
Mastering Azure Security by Mustafa Toroman and Tom Janetscheck(3330)
Blockchain Basics by Daniel Drescher(3292)
Learn Wireshark by Lisa Bock(3249)
