Cloud Computing and AWS Transform Data Security (and More)

The third in a three-part series on how to think about security in AWS environments.

In previous installments in this blog series, we introduced our new white paper, A New Way to Look at AWS Security. We discussed how AWS and AWS-native tools address some of the fundamental security challenges that face any network (on-premise or cloud-based). And we showed how our Observable Cloud solution can help secure your AWS footprint, by anticipating and combating both known and unknown threats.

Here, we’ll look at how the nature of cloud computing itself – and AWS in particular – requires companies to implement new approaches to data security. However, for those firms whose approach to computing and data analysis are “cloud-native,” an AWS deployment offers levels of agility, efficiency, and scalability in core operations that are simply not available in conventional network environments.

New architecture drives new process

AWS creates some new challenges for security, but they have nothing to do with concerns that “I do not own the hardware, hence, I cannot secure it physically.” Rather, the challenges flow from the rate of change that the shift to AWS poses in both technology and scale; and the changing nature of how software is developed and maintained.

The transition to the cloud is not a simple “move your servers to someone else’s environment.” New software architectures, and new processes for organizing the activity of software developers, are creating substantive changes in how IT operates.

A good example is the so-called DevOps trend, in which the traditional division of labor among development, QA, and operations has been collapsed to a single organization of developers. Software developers themselves deal with testing and QA issues as part of the development task; they triage problems in production operations; and debugging and bug fixes are routed back to the developer who originated the code. Each person has built-in incentives to do their best at each stage in this process. The result? Cloud-based development and IT teams deliver features with greater velocity and fewer operational problems.

The transition to the cloud is not a simple ‘move your servers to someone else’s environment.’ New software architectures, and new processes for organizing the activity of software developers, are creating substantive changes in how IT operates.

Agile organizations demand agile technology

These changes are not superficial, or a fad. The explosive growth of AWS itself has been fueled by the explosive growth of its customers – a self-selecting group that has chosen AWS (rather than conventional environments) because they want to make use of AWS-specific services, for purposes of efficiency, scalability, and agility in delivering services or features. It’s reasonable to assume that these companies thrive because they are more successful at achieving efficiency, scalability, and agility than their competitors.

So, how does data security fit into this picture? Here is the deeper motivation for the qualitatively superior security within AWS: all aspects of AWS security must be designed with efficiency, scalability, and agility in mind, because AWS-based companies demand it! In fact, in most AWS-based DevOps organizations, security and incident-response activities are supported as an operations problem. Notifications, whether they represent security, operations, or software-correctness problems, are generally triaged back to the DevOps engineer responsible for last changing the resource. In essence, security-incident response is being blended into DevOps, in a manner analogous to what had happened to QA and standalone Operations, for more or less the same reasons.

For independent developers such as Observable, who work to leverage and extend the AWS infrastructure, the same pressures apply: customers demand software functionality that improves their own prospects of achieving efficiency, scalability, and agility. We are a cloud-native company that serves customers in AWS, on-premise, and in hybrid deployments; but the underlying reason we deploy more often, and more quickly, in AWS is because AWS-based organizations are designed to move faster, while moving safely.

There is a “virtuous circle” among organizations using AWS, which consistently demand platform enhancements that contribute to their business success; Amazon, which continually enhances the capabilities of AWS and AWS-native tools; and independent developers including Observable, which ensure that the advantages of the cloud environment don’t come at the expense of information security. If you’d like to learn more, download our white paper, A New Way to Look at AWS Security.  

Experience Dynamic Endpoint Modeling on your own network

Protecting your AWS infrastructure by identifying insider and external threats faster couldn't be easier. Sign up for a free, no-risk trial of Observable’s Endpoint Modeling solution, and change the way you see security.

Detect Threats Faster – Start Your Free, No-Risk Trial