Home United States USA — software How Amazon Web Services runs security at a global scale

How Amazon Web Services runs security at a global scale

359
0
SHARE

AWS CISO told ZDNet that security is job zero for the cloud behemoth.
Amazon Web Services (AWS) runs a pretty tight ship where security is concerned; the organisation, after all, holds critical business applications and information for some of the world’s largest banks, government entities, and streaming services such as Netflix and Spotify that would render many parts of the world useless, or at least mad, if its datacentres were to fail.
AWS has a vastly higher bar for security than most companies, mainly because its ability to meet the security expectations of its customers is perhaps the company’s most important element — customers have to be willing to trust AWS with their businesses and their data.
With the security responsibility AWS has on behalf of its customers, one assumption would be that its security operations centre (SOC) has staff in the hundreds, but the man in charge of security at the cloud giant told ZDNet it doesn’t actually have a SOC.
« I love every time I get a SOC question because we don’t have one, » president of security engineering and the chief information security officer at AWS Steven Schmidt said.
« Literally. There is no room with monitors and people sitting in it, etc. I have exactly one on-call security engineer. Exactly one.
« Now there’s a whole team to back up if something blows up, but literally their job is babysitting the automation. »
Schmidt told ZDNet during AWS re:Invent in Last Vegas last month that it instead builds automation to do all the tasks that are normally performed by humans, attributing this to two main reasons.
« One is I can’t scale the number of people that I would need to operate a business this big otherwise and two, automation is repeatable and auditable and always does the same thing, » he explained.
« Human beings make mistakes; they change the way they behave day-to-day. They’re having a bad day because they’re sick or they’re hungry or whatever, they do things a little differently.

Continue reading...