Amazon cloud services

How do your Amazon’s current security policies align against the regulatory requirements?

            Amazon relies on enhanced security and good work ethics to ensure that its security policies are in line with the regulatory requirements that govern the market it operates in. Since the company deals in a wide variety of products, Amazon is legally required to protect the intellectual rights of all the products sold on its site (Kanikathottu, 2020). The company has a moral and legal obligation to ensure that the products sold are not counterfeit but of the highest quality. The state of the products and services sold is crucial as counterfeit products could result in the company losing its license or having some privileges taken away or suspended. Practicing good work ethics ensures that the company’s security policies are in line with the regulatory requirements of the market it operates in.

            The company further relies on enhance security and abide to the standards set by governments to secure customer information while shopping online. This is achieved through the Amazon Web Service (AWS) platform that informs the company’s employees about the measures that have been put in place to offer more security and compliance in the cloud (Amazon, 2020). AWS offers amazon and its clients audit friendly services that meet up to acceptable audit standards in society that create a safe and secure online environment.

            The company further ensures that its clients remain compliant with the laws and regulations that govern the regions the company operates in. customers and organizations that are directly involved with Amazon are guided on how to enhance security to enhance security (Amazon, 2020). Promoting safe use of the internet ensure that all parties involved in the cloud service comply with the laws and provisions stipulated by the relevant authorities and this greatly enhances security online and in the cloud.

How do cloud security policies from a recommended vendor align against regulatory requirements? 

Cloud security policies from recommended vendors align against regulatory requirements through the role they play in the overall security of the organizations they align themselves with. Organizations are required to engage in activities that help to manage vulnerable areas by factors in the environment that may cause problems and resolving the risks before they cause any harm (IGI, 2019). Different organizations test all forms of software to check for weaknesses and other entities that could be introduced by third parties and negatively impact their ability to offer secure services. Since security is enhanced by a company’s vigilance and ability to overcome challenges, preparing for vulnerabilities and resolving them early in advance greatly contributes to an organization’s ability to meet their regulatory requirements.

For amazon, Amazon Web Services give vendors and other users more control over their cloud computing and this makes their working environment more secure and flexible. The AWS data centers ensure that customers’ sensitive information, identity and the devices they use to access the cloud are secure and do not leave the organization vulnerable to attacks through other users and vendors (Buchanan, 2011). It also helps them to comply with security requirements and regulations provided to enhance security on the cloud.

 

 

 

In order to meet regulatory requirements, what additional security measures must Amazon implement when migrating to cloud services?

            Amazon can engage in continuous monitoring when migrating to cloud services as an additional security measure. The cloud is dispersed in nature and rather complex which makes monitoring and logging of activities crucial to maintaining a secure environment (IRMA, 2015). Since compliance verification heavily depends on the organization’s ability to identify how events occur, who is responsible and the steps involved, continuous monitoring helps to enhance accountability (Amazon, 2020). When migrating to cloud services, continuous monitoring will assist in ensuring that all cloud resources are enabled and the appropriate security measures are in place. Continuous monitoring also prompts to engage in security measures that require updates such as re-encrypting logs and encrypting data. It also makes it easier to analyze the effectiveness of the measures put in place to ease the change to cloud services.

            The company should also conduct vulnerability management to ensure that there are no risks that could affect the transition process. The company must conduct adequate research and assess its environment in order to identify possible risks that could come about during the transition to cloud services. When third parties are involved in the process, the company should ensure that the third parties also take enough precautions to protect any sensitive information shared in the process. New technology and devices used during the transition should also be tested to avoid introducing any vulnerabilities through the hardware and software used to make the shift to clod services.

            Migrating to cloud services should also prompt the company to train its employees on how to enhance security. Since cloud services will alter how employees go about performing duties, training will ensure that employees are aware of what procedures to follow and how to maintain a secure working environment. The training should also draw attention to areas that pose the greatest risk to security so as to inform employees on the need to take more precautions in such environments. The training will go a long way in enhancing the sustainability of the processes introduced because the responsibility to maintain a secure environment will fall to the employees.

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

References

Amazon, (2020) “About Amazon” https://www.amazon.com/

Buchanan J, (2015) “Cloud computing: 4 tips for regulatory compliance” CIO retrieved from,             https://www.cio.com/article/2405607/cloud-computing--4-tips-for-regulatory-        compliance.html

Kanikathottu H, (2020). AWS security cookbook; practical solutions for managing security          policies, monitoring, auditing, and compliance with AWS.  PACKT Publishing.

IGI Global, (2019) “Cloud security: Concepts, methodologies, tools, and applications”. Hershey,             Pennsylvania 

Information Resources Management Association, (2015) Cloud technology: Concepts,     methodologies, tools, and applications. Hershey PA, USA Information Science