Is Your AWS Environment a Security Risk?

March 8, 2017
There’s no dispute: AWS offers enterprises huge benefits. But it could also be putting your organization at risk.

Enterprise network security solutions offer unified threat management, including access controls, to protect the on-premises datacenter. But when you move compute, database, analytics or applications to AWS, does that protection apply to the cloud?

To ensure AWS is secure, you need to manage access from:

  • Privileged users
  • Employees
  • Customers
  • Third-party users (e.g. vendors and contractors)

And that’s where AWS gets complicated. You have two main options:

  1. Give wide-open access and end up with no accountability or visibility, increased security risk and a lack of compliance.
  2. Enforce tightly controlled access and end up with reduced business agility, friction with DevOps and an inefficient approval process.

Consider the following scenario:

Four users access the Amazon environment from a known source.

Their public IP address is the known source. The security groups are configured appropriately.

The challenge is when users try to access from other locations.
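
The scenario above as an added example (not code from the original post or from Cryptzone): a check of security-group ingress rules against a known-source list, showing which rules are wide open and why a user at another location is refused. The rule data is a constructed sample shaped like EC2 DescribeSecurityGroups output; the group IDs, CIDRs and function names are assumptions.

```python
import ipaddress

# Constructed sample shaped like EC2 DescribeSecurityGroups output.
# Group IDs and CIDRs are made up (documentation address ranges).
SECURITY_GROUPS = [
    {"GroupId": "sg-office-only", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
         "IpRanges": [{"CidrIp": "203.0.113.10/32"}]}]},
    {"GroupId": "sg-wide-open", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]},
    {"GroupId": "sg-drifted", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
         "IpRanges": [{"CidrIp": "203.0.113.10/32"},
                      {"CidrIp": "198.51.100.0/24"}]}]},
]
KNOWN_SOURCES = ["203.0.113.10/32"]  # assumed: the users' shared public IP


def audit(groups, known_sources):
    """Return (group_id, ports, cidr, finding) for each risky ingress rule."""
    known = [ipaddress.ip_network(c) for c in known_sources]
    findings = []
    for sg in groups:
        for perm in sg["IpPermissions"]:
            ports = f'{perm.get("FromPort", "all")}-{perm.get("ToPort", "all")}'
            for r in perm.get("IpRanges", []):
                net = ipaddress.ip_network(r["CidrIp"])
                if net.prefixlen == 0:
                    findings.append((sg["GroupId"], ports, str(net), "wide-open"))
                elif not any(net.subnet_of(k) for k in known):
                    findings.append((sg["GroupId"], ports, str(net), "unknown-source"))
    return findings


def allowed(group, source_ip, port):
    """Would this group's ingress rules admit source_ip on the given TCP port?"""
    ip = ipaddress.ip_address(source_ip)
    for perm in group["IpPermissions"]:
        if perm["IpProtocol"] not in ("tcp", "-1"):
            continue
        if perm["IpProtocol"] == "tcp" and not perm["FromPort"] <= port <= perm["ToPort"]:
            continue
        if any(ip in ipaddress.ip_network(r["CidrIp"]) for r in perm.get("IpRanges", [])):
            return True
    return False
```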

So what do you do? There’s a better way that helps to reduce AWS operational complexity and extend enterprise network security to the cloud. It’s called a Software-Defined Perimeter.

A Software-Defined Perimeter gives every user on your network – whether an internal employee or a third party working for you – an individualized perimeter around themselves and the network resources that they’re allowed to access.

Industry experts are widely accepting the Software-Defined Perimeter security architecture as the next big thing in network security:

  • It is easier and less costly to deploy than firewalls, VPN concentrators and other bolt-in technologies. (Gartner)
  • SDP enables organizations to provide people-centric, manageable, secure and agile access to networked systems. (Cloud Security Alliance)
  • Legacy, perimeter-based security models are ineffective against attacks. Security and risk pros must make security ubiquitous throughout the ecosystem. (Forrester)

To learn what a Software-Defined Perimeter will do for your AWS environment, check out the eBook.

Operational Complexity: The Biggest Security Threat to Your AWS Environment, from Cryptzone

Paul Campaniello

Paul Campaniello is the Chief Marketing Officer for Cryptzone where he is responsible for worldwide marketing strategy, execution and sales support. Paul has over 25 years of experience with software startup companies.

He has held several senior marketing and sales positions including CMO/VP of Marketing at ScaleBase, Mendix, Lumigent, ComBrio and Savantis. Prior to Savantis, he was at Precise Software, where he helped build Precise from a startup to $100 million prior to going public and being acquired by VERITAS for $640 million.

Paul holds both a BS and an MBA from Bentley University.
