(Photo courtesy Wikimedia Commons / cc3.0 )
Even after all these years, during which private data centers have fallen victim to countless security breaches while cloud providers sail along unharmed, cloud security is still one of the top concerns for Amazon Web Services customers. The company hopes new security features introduced Wednesday at re:Invent 2018 put those customers at ease.
AWS Security Hub is a new dashboard that will allow AWS customers to see a snapshot of their security posture across their account using AWS security services likeGuardDuty as well as third-party security software from companies that partner with AWS, like Symantec and F5 Networks. It will aggregate the deluge of security notifications that those products tend to hurl at their users and organize that information in an easier-to-understand way.
“Centralization is nothing new; what we really wanted to focus on with Security Hub was prioritization,” said Stephen Schmidt, chief information security officer for AWS, in an interview following the keynote speech. “So we build maps of the customer systems, analyze the security of the systems using the tools that are built in like Inspector and Guard Duty, and then prioritize the work that their security teams have to do to secure the estates better.”
The company also hopes that another new service called AWS Control Tower will help address the scourge of customers who leave their S3 storage buckets unprotected on the internet , either inadvertently or for convenience. Control Tower allows administrators to set access levels for organizations in which lots of people have accounts granting them access to their company’s AWS infrastructure.
As the largest cloud provider in the world, AWS is arguably one of the biggest targets outside of major financial institutions or government agencies. Yet the threats against it and the types of malicious actors seeking to get inside AWS haven’t really changed over the last few years; “You’ve got the same people motivated by the same things,” Schmidt said, which includes financial reward, hacker cred, and nation-states attempting to advance their agendas.