In recent years, the advent of public clouds, as well as growing IT threats, have prompted IT players to adapt quickly and regularly. This turn is unavoidable.
However, while data protection is becoming better understood and known to the general public, it remains a source of concern for businesses, especially when the data is hosted on a public cloud such as AWS (Amazon Web Services ). Most of the time, migration to this cloud can improve the security of information systems. In addition, a public cloud attracts more attacks than a private cloud, so their system has been specifically designed to withstand the latter.
It is in this context that the Cloud Security Day event, which took place on May 17, 2018 in Geneva, was created to meet the concerns of Swiss companies and to allow them to meet experts from the Net4All secure cloud and AWS.
Cloud Security: A Priority for AWS
AWS cloud is now dominant in the cloud market. Thus, it is estimated that Amazon holds a 44.2% stake in this market, far ahead of the 7.1% of Microsoft, the 3% of Alibaba and the 2.3% of Google.
Amazon Web Services logoThe report is there: the cloud attracts and scares at a time. Indeed, companies often have difficulties to consider storing their data on equipment they do not control. However, Amazon Web Services provides maximum computer security for its equipment: for their teams, security is “Job Zero”, that is, it is considered a priority. Contrary to popular belief, the equipment benefits from a very high level of security. In addition, the Amazon security team (AWS), continuously available, is constantly improving thanks to feedback from their millions of customers.
Guarantees for this security include the significant number of accreditations with which AWS is in compliance. Warning: this does not mean that your information system migrated to AWS benefits from these accreditations by default! You must also make the process of certification of your own environment, and this will be possible precisely because the base on which these are installed is in conformity with said certification.
The nuance is essential: Amazon Web Services ensures the security of the cloud (the base, the foundations of your architecture). It remains to ensure security in the cloud: it’s up to you to protect your application, but we can help you protect your system layer! However, the protection of all these layers must always meet your security policy, which remains the responsibility of the company: you define it, control it and are responsible for its proper implementation.
Cloud Security Day: the review of the morning
Net4All and AWS hosted more than 40 participants on May 17, to answer their queries and share user-friendly security in the AWS cloud. By limiting the number of registrations, the desire was to create a friendly atmosphere and a climate of proximity, allowing everyone to express themselves and discuss their issues with the experts present.
After an introduction by Margo Cronin (cloud architect at AWS) who touched on the subject of RGPD and how AWS enabled its customers to adapt, Emile Heitor and Thibault Koechlin, (cloud and security experts for OT Group) Highlighted and presented the technical details of security in the public cloud. Through this presentation, the audience was able to perceive that the ideas received were hard and that a migration under AWS was not necessarily synonymous with danger for their confidential data, provided they were accompanied and advised by reliable partners.
Finally, Amer Sports (Salomon, Wilson, Atomic, Arc’teryx, Mavic, Suunto and Precor) has agreed to share its AWS experience seamlessly, highlighting their successes and failures on this project. As Amer Sports’ growth is important in the United States and Asia, they have chosen AWS to benefit from its many points of presence to improve latency for its foreign customers. And that’s just one of the benefits of the public cloud! However, since Amer Sports does not want to compromise on the security of their platforms, they benefit from the CerberHost secure cloud solution, available on AWS, which provides 360 ° security even in case of the application vulnerability.
Participants in this morning have left the scene with a better view of security on the public cloud, and especially on AWS, allowing them to better project on a potential migration project.