Which of the following is the responsibility of AWS according to the shared security model Select all that apply?

Do you know where AWS' security responsibility ends and yours begins? Try your hand with this quick quiz.

By

  • Stephen J. Bigelow,

Published: 06 Feb 2018

In a traditional data center, an enterprise exercises total control over its facility and assumes full responsibility for infrastructure security and operation. But with the public cloud, that all changes, and now, many users need to grow accustomed to the AWS shared responsibility model.

Public cloud adopters can shed the expense and management burden of traditional IT infrastructure in favor of on-demand, pay-as-you-go services. But they also surrender control and insight into that infrastructure and must trust the provider to ensure availability and security.

While AWS says it can provide secure cloud infrastructure, it cannot guarantee the security of workloads in the cloud. It's a subtle but profound distinction that delineates the separation between providers and users. When you migrate workloads and data to the cloud, it doesn't absolve you of regulatory compliance and corporate governance obligations. The provider can deliver tools and technologies necessary to protect an environment, but it's up to users to implement them to secure workloads and data.

Thus, AWS and its users share security responsibilities. See how much you know about the AWS shared responsibility model and your cloud accountability with this brief quiz.

Dig Deeper on AWS infrastructure

  • shared responsibility model

    By: Kathleen Casey

  • GovTech to enhance Government on Commercial Cloud

    By: Aaron Tan

  • Understand the 5 main benefits of hybrid cloud for businesses

    By: Stephen Bigelow

  • Cloud misconfiguration a growing cause of security incidents

    By: Sebastian Klovig Skelton

Reading Time: 3 minutes

Like most cloud providers, AWS operates under a shared responsibility model. AWS takes care of the security ‘of’ the cloud while AWS customers are responsible for security ‘in’ the cloud. 

AWS has made platform security a priority to protect customers’ critical information and applications taking responsibility for its infrastructure’s security. AWS detects fraud and abuse and responds to incidents by notifying customers. However, the customer is responsible for ensuring their AWS environment is configured securely and data is not shared with someone it shouldn’t be shared with inside or outside the company, identifying when an identity people or non-people misuses AWS, and enforcing compliance and governance policies.

AWS is focused on the security of AWS infrastructure, including protecting its computing, storage, networking, and database services against intrusions because it can’t fully control how its customers use AWS. AWS is responsible for the security of the software, hardware, and the physical facilities that host AWS services. Also, AWS takes responsibility for the security configuration of its managed services such as AWS DynamoDB, RDS, Redshift, Elastic MapReduce, WorkSpaces, and others.

What is the Customer Responsibility ‘in’ AWS?

AWS customers are responsible for the secure usage of AWS services that are considered unmanaged. For example, while AWS has built several layers of security features to prevent unauthorized access to AWS, including multi-factor authentication, it is the customer’s responsibility to make sure multifactor authentication is turned on for users, particularly for those with the most extensive IAM permissions in AWS.

Furthermore, the default security settings of AWS services are often the least secure. Correcting misconfigured AWS security settings, therefore, is a low-hanging fruit that organizations should prioritize to fulfill their end of AWS security responsibility.

Below are AWS checklists to help you govern and secure your AWS cloud, including but not limited to the following:

Responsibility of the Public Cloud Checklist

Who is Responsible?Customer Responsibility AWS Responsibility
Preventing or detecting when an AWS account has been compromised
Preventing or detecting a privileged or regular AWS user behaving in an insecure manner
Business continuity management [availability, incident response]
Protecting against AWS zero-day exploits and other vulnerabilities
Providing environmental security assurance against things like mass power outages, earthquakes, floods, and other natural disasters
Providing physical access control to hardware/software
Configuring AWS Managed Services in a secure manner 
Ensuring network security [DoS, man-in-the-middle [MITM], port scanning]
Ensuring AWS and custom applications are being used in a manner compliant with internal and external policies
Updating guest operating systems and applying security patches
Restricting access to AWS services or custom applications to only those users who require it
Ensuring AWS and custom applications are being used in a manner compliant with internal and external policies
Preventing sensitive data from being uploaded to or shared from applications in an inappropriate manner
Database patching
Responsibility of the AWS Public Cloud Checklist Source AWS

As enterprises continue to migrate to or build their custom applications in AWS, the threats they face are no longer isolated like the old world of on-premises applications as identities are the new perimeter.  Preventing many of these threats falls on the shoulders of the AWS customer. So how are you securing your data?

AWS Shared Security Model – Sonrai Security

Are You Ready to Secure Your AWS Environment?

There’s a lot to unpack here, and the truth is these are just a few of the responsibilities you need to understand when using AWS. If you have questions on the division of responsibility, cloud security, privacy ownership, policy enforcement, or how the AWS services work, don’t hesitate to reach out — Sonrai’s technical team of security experts are standing by to help.

If you are interested in learning more about best practices for other Cloud Service Providers, please check out the Azure Shared Responsibility Model Explainedebook.

Which of the following is the responsibility of AWS according to the shared security model?

AWS responsibility “Security of the Cloud” - AWS is responsible for protecting the infrastructure that runs all of the services offered in the AWS Cloud. This infrastructure is composed of the hardware, software, networking, and facilities that run AWS Cloud services.

Which of the following is the responsibility of AWS according to the shared responsibility model Choose 2?

According to AWS Shared Responsibility Model, AWS is responsible for the Security of the Cloud and the customer is responsible for the Security in the Cloud.

Which of the following is AWS responsible for in the shared responsibility model choose 3?

In the shared responsibility model, AWS is responsible for providing security of the cloud.

Which controls are shared under the AWS shared responsibility model select two?

Security and compliance are shared responsibilities between AWS and the customer.

Chủ Đề