Are you heading over to AWS Reinvent in Las Vegas, November 29 – December 3, 2021? If so, then there’s a booth you’re going to want to visit, especially if migrating to the cloud is in your future. But first, you have to understand why.
The Curious Case of Cloud Security
What consistently falls on the list of top cloud migration challenges? Cloud security. And that applies even if AWS is your cloud service provider (CSP). “One of the prime barriers to AWS cloud migration is data security concerns and compliance,” according to Indellient. “In fact, the SANS 2019: The State of Cloud Security report shows that 56 percent of respondents indicated that they’re extremely concerned about cloud security when moving to the cloud.”
What’s the source of this concern? After all, AWS does have an excellent security track record. It’s something called the Shared Responsibility Model. You see, when it comes to securing your AWS cloud deployment, you and AWS are in it together. They are responsible for some aspects of securing your cloud deployment, but not everything. You have some responsibilities too.
Their Responsibility and Your Responsibility
From their website, “AWS operates, manages and controls the components from the host operating system and virtualization layer down to the physical security of the facilities in which the service operates. The customer assumes responsibility and management of the guest operating system (including updates and security patches), other associated application software as well as the configuration of the AWS provided security group firewall. Customer responsibility will be determined by the AWS Cloud services that a customer selects. This determines the amount of configuration work the customer must perform as part of their security responsibilities.”
In other words, they handle the underlying infrastructure, but you are still responsible for the security of everything that resides on that infrastructure, which includes configuration.
Perhaps you were hoping that “lifting and shifting” to AWS would make all your security challenges go away. Now you know better. And now that you do, there’s just one question left to answer: are you fully prepared to migrate securely to the cloud? And if the answer is anything but an emphatic yes, then may we suggest a booth you might visit at AWS Reinvent.
The Booth You Should Visit
The booth you should visit at the upcoming tradeshow is ThreatModeler #1626. The company provides automated threat modeling capability that secures software development AND cloud deployments. And with their new joint offering with AWS, ThreatModeler empowers DevSecOps to achieve security early in the cloud migration design phase. Consequently, it reduces overall time and cost to fix security issues (often from weeks to just a few hours), thereby maximizing ROI.
ThreatModeler will change your approach to cloud security. It changes it from reactive—wait until you deploy and look for problems—to proactive—design your AWS environment with security built in.
What’s the best part of using ThreatModeler? You don’t need to be a cloud security expert to deploy securely in the cloud. ThreatModeler automatically converts your architecture diagram into a threat model with a list of threats and relevant security recommendations for AWS services.
If you’re getting ready to migrate to cloud and you’re heading to AWS Reinvent, you may as well stop by the ThreatModeler booth #1626 for a demo and see how quick and easy it is to make your migration a secure one.