upto 50% Off Upgrade your Skills with our Special Offers! JOIN NOW X

AWS Security vs Azure Security:

Cloud computing has become a major player to reckon with storing pictures, documents and doing computations and many other things moving to the cloud, Cloud providers are constantly gaining in popularity due to the increased demand for their services. AWS, Azure and GCP are some of the popular cloud service providers today.

AWS:

AWS or ‘Amazon web services’ is one of the world’s leading cloud computing providers. It offers a number of services such as computation, storage, networking, database and more. AWS has had a lion share of the cloud computing market till 2019 – but competitors such as Azure and GCP are not far behind. AWS was re-launched in 2006 after being initially launched in 2002. Some of AWS customers include SoundCloud, University of Maryland, Department of Defense (USA), British Gas and more.

Let us look at AWS security in greater detail:

AWS security deals with two areas – ‘Security of the cloud’ and ‘Security in the cloud’.

‘Security of the cloud’ deals with the security of the data centers, compliance regulations of the data stored and mitigating DDoS attacks against data centers.

‘Security in the cloud’ deals with identity and access management, detective controls, infrastructure protection, data protection and incident response.

Azure:

Microsoft Azure is another top cloud computing platform for deploying applications on the cloud. Microsoft Azure provides SaaS (Software as a service), PaaS (Platform as a service) and IaaS (Infrastructure as a service) It was initially launched in February 2010 as Windows Azure but was rechristened to its present name in 2014.

Some customers of Microsoft Azure include Coca-cola, NBA, Chevron, Daimler, FedEX and more.

Microsoft Azure implements security by separating it into six functional areas – Operations, Application, Storage, Networking, Compute and Identity.

Here are the ways in which security is implemented in AWS and Azure:

AWS Security Azure Security

Identity and access management

AWS Services that can be used to implement IAM:

 

  • AWS Secrets Manager
  • AWS Single Sign On
  • AWS STS
  • AWS Directory service
  • AWS organizations

 

 

 

  • Azure Active directory
  • Single sign on
  • multi-factor authentication

 

Detection controls

AWS services that can be used to provide monitoring and logging are:

 

  • Amazon GuardDuty
  • AWS Trusted advisor
  • Amazon VPC Flow logs
  • AWS Security Hub
 

  • Azure Monitor logs
  • Azure Security Center(monitors traffic, collects data and analyzes data for threats)

Infrastructure protection

  • AWS System manager
  • AWS Firewall manager
  • AWS Direct connect
  • AWS Cloud formation

 

  • Customer data is protected by:
  • Hypervisor firewall
  • Native host firewall
  • Host firewall

Data protection

  • Client side encryption
  • Server side encryption
  • AWS Cloud HSM
  • Amazon S3 glacier
  • AWS certificate manager
  • Amazon Macie
  • Encryption of data at rest
  • Encryption of data in transit
  • Azure Disk encryption
  • Key management with Azure Key Vault

 

Incident response

APIs for automating incident response

  • AWS CloudFormation
  • Performing forensics
The Security Incident Response team follows the Security Incident Response lifecycle:

  • Detect
  • Assess
  • Diagnose
  • Stabilize/Recover
  • Close

 

We saw some of the features by means of which AWS Security and Azure Security are implemented. While both of them are interested in protecting the data of their customers in the cloud, they both have their own ways and tools to do it.

“AWS Security or Microsoft Azure – which is better?” has no clear answers and it is always a battle that keeps see-sawing one way or the other!

If you would like to get certified in AWS Security or Azure Security do contact us today for more on this!

AUTHOR
Jayanthi Manikandan
Writer And Editor
Jayanthi Manikandan has a Master’s degree in Information systems with a specialization in Information Assurance from Walsh college, Detroit, MI. She is passionate about Information security and has been writing about it for the past 6 years. She is currently ‘Security researcher at InfoSec train
TOP