SlideShare ist ein Scribd-Unternehmen logo

Cloud security comparisons between aws and azure

Als PPTX, PDF herunterladen
A
Abdul Khan

The document compares security patterns and solutions between Amazon Web Services (AWS) and Microsoft Azure for cloud computing. It discusses six key areas of comparison: 1) compliance and regulatory, 2) identity authentication and authorization, 3) secure development, operation and administration, 4) privacy and confidentiality, 5) secure architecture, and 6) provides examples of specific security solutions offered by each cloud provider for different security patterns within each area.

Technologie
1 von 10
Cloud Security Comparisons between AWS and Azure By Abdul khan
Author • Abdul Khan • IT Consultant based in Manchester, UK • Engineering Lead, Executive, Technologist, Architect • IT experience, within the private and public sectors (Retail, Banking, Digital, Insurance, M.O.D., HMRC, Aviation, Telecommunication, Housing Associations, Education, Travel, and Pharmaceutical companies). Excellent architectural and strong DevOps experience with proven-track record of delivering E2E, B2B and B2C solution on regional and global programs. • SME in specializing in providing integration, data migration, digital transformations to the cloud solutions (Azure and AWS) • Wealth of experience in global projects across EMEA, ASPAC and LATAM • Liked in profile https://www.linkedin.com/in/abdul-khan-uk/
Content 1. Key Areas Of Cloud SaaS Security Patterns 2. Security Comparisons between AWS and Azure : Compliance and Regulatory 3. Security Comparisons between AWS and Azure : Identity Authentication and Authorisation 4. Security Comparisons between AWS and Azure : Secure Development, Operation and Administration 5. Security Comparisons between AWS and Azure : Privacy and Confidentially 6. Security Comparisons between AWS and Azure : Secure Architecture Security Comparisons between AWS and Azure
1. Key Areas Of Cloud SaaS Security Patterns Cloud Security Patterns Compliance and Regulatory Patterns • Data Citizenship • Cryptographic Erasure • Shared Responsibility Model • Compliant Data Transfer • Data Retention • Data Lifecycle • Intentional Data Remanence Identity Authentication and Authorisation Patterns • Multi-Factor Authentication • Federation (single -on) • Access Token • Mutual Authentication • Secure User Onboarding • Identity and Access Manager • Per-request Authentication • Access Control Clearance Secure Development, Operation and Administration Patterns • Bastion Server • Automated Threat Detection • Durable Availability • Economic Durability • Vulnerability Management and Privacy and Confidentially Patterns • End-to-End Security • Computation on Encrypted Data • Data Anonymisation • Process Purpose Control Secure Architecture Patterns • Virtual Network • Web Application Firewall • Secure Element • Secure Cold Storage • Certificate and Key Manager • Hardware Security Module • Secure Auditing
2. Security Comparisons between AWS and Azure : Compliance and Regulatory Category Pattern Solution In AWS Solution In Azure Compliance and Regulatory Data Citizenship Use AWS location Tags to designate the location for the data processing Azure information and location Tag. Azure FrontDoor Service Cryptographic Erasure Use AWS KMS Use Azure Key Vault Shared Responsibility Model AWS provides different Services to protect data and systems. AWS is only responsible for the availability and basic security of the cloud platform Azure provides different Services to protect data and systems. Azure provides is only responsible for the availability and basic security of cloud platforms Compliant Data Transfer AWS Location Tag Azure Location Tag Data Retention The Data retention policies can be defined and executed by AWS (e.g. Lambda) Azure provides option to define data retention policy in Database System Data Lifecycle AWS data lifecycle manager Azure blob storage lifecycle International Data Remanences Database (e.g. DynamoDB) Database ( e.g. Azure Database backup)
3. Security Comparisons between AWS and Azure : Identity Authentication and Authorisation Category Pattern Solution In AWS Solution In Azure Identity Authentication and Authorisation actor Authentication AWS Azure Multi-Federation (single -on) AWS SSO (Single Sign-On) Azure AD Seamless : Sign-On Access Token AWS SSO (Single Sign-On) Azure AD Seamless : Sign-On Mutual Authentication AWS TLS/SSL Certification, Certification Features of API Gateway (AWS Client VPN) Azure App Service Secure User Onboarding AWS customer on boarding Azure Security Centre Identity and Access Manager AWS IAM and Cognito Azure AP management & REST API authentication Per-request Authentication AWS Signing and Authenticating REST Requests AWS API Management & REST API Authentication Access Control Clearance AWS cloud watch and AWS Cognito/IAM Azure access control Service
4. Security Comparisons between AWS and Azure : Secure Development, Operation and Administration Category Pattern Solution In AWS Solution In Azure Secure Development, Operation and Administration Bastion Server AWS Bastion Host Azure Bastion Host Automated Threat Detection AWS GuardDuty Azure Advance threat protection Durable Availability AWS Cloud Watch, AWS WAF Azure Web Access Firewall & firewall application gateway Economic Durability AWS Cloud Watch Azure Monitor Vulnerability Management AWS Vulnerability scanning Vulnerability scan in Azure security centre
5. Security Comparisons between AWS and Azure : Privacy and Confidentially Category Pattern Solution In AWS Solution In Azure Privacy and Confidentially End-to-End Security AWS KMS, Certification Manager Azure Key Vault Computation on Encrypted Data NA NA Data Anonymisation Algorithms can be defined and ran by AWS Modules Azure Dynamic Data Masking on SQL databases Process Purpose Control NA NA
6. Security Comparisons between AWS and Azure : Secure Architecture Category Pattern Solution In AWS Solution In Azure Secure Architecture Virtual Network AWS Virtual Private Cloud (VPC) Azure Virtual Network Web Application Firewall AWS WAF Azure Application Firewall Gateway Secure Element AWS IoT Device Management Azure IoT Hub & loT Suit Secure Cold Storage AWS Glacier Azure Coldblob Storage Certificate and Key Manager AWS Certificate and Key Manager (AWS KMS) Azure Key Vault Hardware Security Module AWS CloudHSM Azure Dedicated HSM Secure Auditing AWS Auditing Security Checklist Azure Monitor, Stream, Network Watcher
- END OF DECK By Abdul Khan – https://www.linkedin.com/in/abdul-khan-uk/

Empfohlen

7 Ways To Cyberattack And Hack Azure
7 Ways To Cyberattack And Hack Azure7 Ways To Cyberattack And Hack Azure
7 Ways To Cyberattack And Hack Azure
Abdul Khan
 
Guide to security patterns for cloud systems and data security in aws and azure
Guide to security patterns for cloud systems and data security in aws and azureGuide to security patterns for cloud systems and data security in aws and azure
Guide to security patterns for cloud systems and data security in aws and azure
Abdul Khan
 
Cloud Security Engineering - Tools and Techniques
Cloud Security Engineering - Tools and TechniquesCloud Security Engineering - Tools and Techniques
Cloud Security Engineering - Tools and Techniques
Gokul Alex
 
Securing Applications in the Cloud
Securing Applications in the CloudSecuring Applications in the Cloud
Securing Applications in the Cloud
Security Innovation
 
Data Security Essentials for Cloud Computing - JavaOne 2013
Data Security Essentials for Cloud Computing - JavaOne 2013Data Security Essentials for Cloud Computing - JavaOne 2013
Data Security Essentials for Cloud Computing - JavaOne 2013
javagroup2006
 
Cyber Ranges: A New Approach to Security
Cyber Ranges: A New Approach to SecurityCyber Ranges: A New Approach to Security
Cyber Ranges: A New Approach to Security
Security Innovation
 
Cloud Security: What you need to know about IBM SmartCloud Security
Cloud Security: What you need to know about IBM SmartCloud SecurityCloud Security: What you need to know about IBM SmartCloud Security
Cloud Security: What you need to know about IBM SmartCloud Security
IBM Security
 
AWS Security
AWS Security AWS Security
AWS Security
Magdy El-Faramawy , MBA,PMP,CISA,CM,ITIL
 

Empfohlen

7 Ways To Cyberattack And Hack Azure
7 Ways To Cyberattack And Hack Azure7 Ways To Cyberattack And Hack Azure
7 Ways To Cyberattack And Hack Azure
Abdul Khan
 
Guide to security patterns for cloud systems and data security in aws and azure
Guide to security patterns for cloud systems and data security in aws and azureGuide to security patterns for cloud systems and data security in aws and azure
Guide to security patterns for cloud systems and data security in aws and azure
Abdul Khan
 
Cloud Security Engineering - Tools and Techniques
Cloud Security Engineering - Tools and TechniquesCloud Security Engineering - Tools and Techniques
Cloud Security Engineering - Tools and Techniques
Gokul Alex
 
Securing Applications in the Cloud
Securing Applications in the CloudSecuring Applications in the Cloud
Securing Applications in the Cloud
Security Innovation
 
Data Security Essentials for Cloud Computing - JavaOne 2013
Data Security Essentials for Cloud Computing - JavaOne 2013Data Security Essentials for Cloud Computing - JavaOne 2013
Data Security Essentials for Cloud Computing - JavaOne 2013
javagroup2006
 
Cyber Ranges: A New Approach to Security
Cyber Ranges: A New Approach to SecurityCyber Ranges: A New Approach to Security
Cyber Ranges: A New Approach to Security
Security Innovation
 
Cloud Security: What you need to know about IBM SmartCloud Security
Cloud Security: What you need to know about IBM SmartCloud SecurityCloud Security: What you need to know about IBM SmartCloud Security
Cloud Security: What you need to know about IBM SmartCloud Security
IBM Security
 
AWS Security
AWS Security AWS Security
AWS Security
Magdy El-Faramawy , MBA,PMP,CISA,CM,ITIL
 
Security OF The Cloud
Security OF The CloudSecurity OF The Cloud
Security OF The Cloud
Mark Nunnikhoven
 
Azure Security Overview
Azure Security OverviewAzure Security Overview
Azure Security Overview
Allen Brokken
 
Best Practices in Cloud Security
Best Practices in Cloud SecurityBest Practices in Cloud Security
Best Practices in Cloud Security
Alert Logic
 
Cloud Security & Cloud Encryption Explained
Cloud Security & Cloud Encryption ExplainedCloud Security & Cloud Encryption Explained
Cloud Security & Cloud Encryption Explained
Porticor - The Cloud Security Experts
 
Cloud Security
Cloud Security Cloud Security
Cloud Security
Giovanni Mazzeo
 
Managing Cloud Security Risks in Your Organization
Managing Cloud Security Risks in Your OrganizationManaging Cloud Security Risks in Your Organization
Managing Cloud Security Risks in Your Organization
Charles Lim
 
Security on Cloud Computing
Security on Cloud Computing Security on Cloud Computing
Security on Cloud Computing
Reza Pahlava
 
Cloud security, Cloud security Access broker, CSAB's 4 pillar, deployment mode
Cloud security, Cloud security Access broker, CSAB's 4 pillar, deployment modeCloud security, Cloud security Access broker, CSAB's 4 pillar, deployment mode
Cloud security, Cloud security Access broker, CSAB's 4 pillar, deployment mode
Himani Singh
 
Azure security
Azure securityAzure security
Azure security
Lalit Rawat
 
Tour to Azure Security Center
Tour to Azure Security CenterTour to Azure Security Center
Tour to Azure Security Center
Lalit Rawat
 
Cloud Security Guidance from CESG and AWS
Cloud Security Guidance from CESG and AWSCloud Security Guidance from CESG and AWS
Cloud Security Guidance from CESG and AWS
Amazon Web Services
 
Cyber Security and Cloud Computing
Cyber Security and Cloud ComputingCyber Security and Cloud Computing
Cyber Security and Cloud Computing
Keet Sugathadasa
 
Cloud security privacy- org
Cloud security privacy- orgCloud security privacy- org
Cloud security privacy- org
Dharmalingam S
 
Cloud Security Fundamentals Webinar
Cloud Security Fundamentals WebinarCloud Security Fundamentals Webinar
Cloud Security Fundamentals Webinar
Joseph Holbrook, Chief Learning Officer (CLO)
 
Assessing System Risk the Smart Way
Assessing System Risk the Smart WayAssessing System Risk the Smart Way
Assessing System Risk the Smart Way
Security Innovation
 
Azure security architecture
Azure security architectureAzure security architecture
Azure security architecture
Karl Ots
 
cloud security ppt
cloud security ppt cloud security ppt
cloud security ppt
Devyani Vaidya
 
Cloud Security Governance
Cloud Security GovernanceCloud Security Governance
Cloud Security Governance
Shankar Subramaniyan
 
Cloud security
Cloud securityCloud security
Cloud security
Tushar Kayande
 
Cloudintroog2 141126041208-conversion-gate02
Cloudintroog2 141126041208-conversion-gate02Cloudintroog2 141126041208-conversion-gate02
Cloudintroog2 141126041208-conversion-gate02
life2013
 
The AWS Shared Responsibility Model in Practice
The AWS Shared Responsibility Model in PracticeThe AWS Shared Responsibility Model in Practice
The AWS Shared Responsibility Model in Practice
Alert Logic
 
Getting Started with AWS Security
Getting Started with AWS SecurityGetting Started with AWS Security
Getting Started with AWS Security
Amazon Web Services
 

Weitere ähnliche Inhalte

Was ist angesagt?

Was ist angesagt? (19)

Security OF The Cloud
Security OF The CloudSecurity OF The Cloud
Security OF The Cloud
 
Azure Security Overview
Azure Security OverviewAzure Security Overview
Azure Security Overview
 
Best Practices in Cloud Security
Best Practices in Cloud SecurityBest Practices in Cloud Security
Best Practices in Cloud Security
 
Cloud Security & Cloud Encryption Explained
Cloud Security & Cloud Encryption ExplainedCloud Security & Cloud Encryption Explained
Cloud Security & Cloud Encryption Explained
 
Cloud Security
Cloud Security Cloud Security
Cloud Security
 
Managing Cloud Security Risks in Your Organization
Managing Cloud Security Risks in Your OrganizationManaging Cloud Security Risks in Your Organization
Managing Cloud Security Risks in Your Organization
 
Security on Cloud Computing
Security on Cloud Computing Security on Cloud Computing
Security on Cloud Computing
 
Cloud security, Cloud security Access broker, CSAB's 4 pillar, deployment mode
Cloud security, Cloud security Access broker, CSAB's 4 pillar, deployment modeCloud security, Cloud security Access broker, CSAB's 4 pillar, deployment mode
Cloud security, Cloud security Access broker, CSAB's 4 pillar, deployment mode
 
Azure security
Azure securityAzure security
Azure security
 
Tour to Azure Security Center
Tour to Azure Security CenterTour to Azure Security Center
Tour to Azure Security Center
 
Cloud Security Guidance from CESG and AWS
Cloud Security Guidance from CESG and AWSCloud Security Guidance from CESG and AWS
Cloud Security Guidance from CESG and AWS
 
Cyber Security and Cloud Computing
Cyber Security and Cloud ComputingCyber Security and Cloud Computing
Cyber Security and Cloud Computing
 
Cloud security privacy- org
Cloud security privacy- orgCloud security privacy- org
Cloud security privacy- org
 
Cloud Security Fundamentals Webinar
Cloud Security Fundamentals WebinarCloud Security Fundamentals Webinar
Cloud Security Fundamentals Webinar
 
Assessing System Risk the Smart Way
Assessing System Risk the Smart WayAssessing System Risk the Smart Way
Assessing System Risk the Smart Way
 
Azure security architecture
Azure security architectureAzure security architecture
Azure security architecture
 
cloud security ppt
cloud security ppt cloud security ppt
cloud security ppt
 
Cloud Security Governance
Cloud Security GovernanceCloud Security Governance
Cloud Security Governance
 
Cloud security
Cloud securityCloud security
Cloud security
 

Ähnlich wie Cloud security comparisons between aws and azure

Cloudintroog2 141126041208-conversion-gate02
Cloudintroog2 141126041208-conversion-gate02Cloudintroog2 141126041208-conversion-gate02
Cloudintroog2 141126041208-conversion-gate02
life2013
 
Top 15 aws security interview questions
Top 15 aws security interview questionsTop 15 aws security interview questions
Top 15 aws security interview questions
ShivamSharma909
 
선도 금융사들의 aws security 활용 방안 소개 :: Eugene Yu :: AWS Finance...
선도 금융사들의 aws security 활용 방안 소개 :: Eugene Yu :: AWS Finance...선도 금융사들의 aws security 활용 방안 소개 :: Eugene Yu :: AWS Finance...
선도 금융사들의 aws security 활용 방안 소개 :: Eugene Yu :: AWS Finance...
Amazon Web Services Korea
 
Datensicherheit mit AWS - AWS Security Web Day
Datensicherheit mit AWS - AWS Security Web DayDatensicherheit mit AWS - AWS Security Web Day
Datensicherheit mit AWS - AWS Security Web Day
AWS Germany
 
Getting Started with Windows Workloads on Amazon EC2 - Toronto
Getting Started with Windows Workloads on Amazon EC2 - Toronto Getting Started with Windows Workloads on Amazon EC2 - Toronto
Getting Started with Windows Workloads on Amazon EC2 - Toronto
Amazon Web Services
 
AWS Certified Security - Specialty: What it is and how to get certified
AWS Certified Security - Specialty: What it is and how to get certifiedAWS Certified Security - Specialty: What it is and how to get certified
AWS Certified Security - Specialty: What it is and how to get certified
Infosec
 

Ähnlich wie Cloud security comparisons between aws and azure (20)

Cloudintroog2 141126041208-conversion-gate02
Cloudintroog2 141126041208-conversion-gate02Cloudintroog2 141126041208-conversion-gate02
Cloudintroog2 141126041208-conversion-gate02
 
The AWS Shared Responsibility Model in Practice
The AWS Shared Responsibility Model in PracticeThe AWS Shared Responsibility Model in Practice
The AWS Shared Responsibility Model in Practice
 
Getting Started with AWS Security
Getting Started with AWS SecurityGetting Started with AWS Security
Getting Started with AWS Security
 
Automating Compliance Defense in the Cloud - Toronto FSI Symposium - October ...
Automating Compliance Defense in the Cloud - Toronto FSI Symposium - October ...Automating Compliance Defense in the Cloud - Toronto FSI Symposium - October ...
Automating Compliance Defense in the Cloud - Toronto FSI Symposium - October ...
 
Cloud Reference Architecture - Part 1 Foundation
Cloud Reference Architecture - Part 1 FoundationCloud Reference Architecture - Part 1 Foundation
Cloud Reference Architecture - Part 1 Foundation
 
Top 15 aws security interview questions
Top 15 aws security interview questionsTop 15 aws security interview questions
Top 15 aws security interview questions
 
선도 금융사들의 aws security 활용 방안 소개 :: Eugene Yu :: AWS Finance...
선도 금융사들의 aws security 활용 방안 소개 :: Eugene Yu :: AWS Finance...선도 금융사들의 aws security 활용 방안 소개 :: Eugene Yu :: AWS Finance...
선도 금융사들의 aws security 활용 방안 소개 :: Eugene Yu :: AWS Finance...
 
Datensicherheit mit AWS - AWS Security Web Day
Datensicherheit mit AWS - AWS Security Web DayDatensicherheit mit AWS - AWS Security Web Day
Datensicherheit mit AWS - AWS Security Web Day
 
1. aws security and compliance wwps pre-day sao paolo - markry
1. aws security and compliance wwps pre-day sao paolo - markry1. aws security and compliance wwps pre-day sao paolo - markry
1. aws security and compliance wwps pre-day sao paolo - markry
 
Getting Started with AWS Security
Getting Started with AWS Security Getting Started with AWS Security
Getting Started with AWS Security
 
Getting Started with AWS Security
Getting Started with AWS SecurityGetting Started with AWS Security
Getting Started with AWS Security
 
AWS Enterprise Day | Securing your Web Applications in the Cloud
AWS Enterprise Day | Securing your Web Applications in the CloudAWS Enterprise Day | Securing your Web Applications in the Cloud
AWS Enterprise Day | Securing your Web Applications in the Cloud
 
Getting Started with AWS Security
Getting Started with AWS SecurityGetting Started with AWS Security
Getting Started with AWS Security
 
The AWS Shared Responsibility Model in Practice
The AWS Shared Responsibility Model in PracticeThe AWS Shared Responsibility Model in Practice
The AWS Shared Responsibility Model in Practice
 
Security & Compliance in AWS
Security & Compliance in AWSSecurity & Compliance in AWS
Security & Compliance in AWS
 
Getting Started with Windows Workloads on Amazon EC2 - Toronto
Getting Started with Windows Workloads on Amazon EC2 - Toronto Getting Started with Windows Workloads on Amazon EC2 - Toronto
Getting Started with Windows Workloads on Amazon EC2 - Toronto
 
AWS Certified Security - Specialty: What it is and how to get certified
AWS Certified Security - Specialty: What it is and how to get certifiedAWS Certified Security - Specialty: What it is and how to get certified
AWS Certified Security - Specialty: What it is and how to get certified
 
Cloud Security, Risk and Compliance on AWS
Cloud Security, Risk and Compliance on AWSCloud Security, Risk and Compliance on AWS
Cloud Security, Risk and Compliance on AWS
 
Aberdeen Oil & Gas Event - Introduction to the AWS Cloud
Aberdeen Oil & Gas Event - Introduction to the AWS CloudAberdeen Oil & Gas Event - Introduction to the AWS Cloud
Aberdeen Oil & Gas Event - Introduction to the AWS Cloud
 
AWS Canberra WWPS Summit 2013 - AWS Governance and Security Overview
AWS Canberra WWPS Summit 2013 - AWS Governance and Security OverviewAWS Canberra WWPS Summit 2013 - AWS Governance and Security Overview
AWS Canberra WWPS Summit 2013 - AWS Governance and Security Overview
 

Kürzlich hochgeladen

Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Safe Software
 
Ransomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfRansomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdf
Overkill Security
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
panagenda
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Miguel Araújo
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
sammart93
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
Igalia
 

Kürzlich hochgeladen (20)

Navi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Navi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot ModelNavi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Navi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot Model
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
Ransomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfRansomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdf
 
Manulife - Insurer Transformation Award 2024
Manulife - Insurer Transformation Award 2024Manulife - Insurer Transformation Award 2024
Manulife - Insurer Transformation Award 2024
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : Uncertainty
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
A Beginners Guide to Building a RAG App Using Open Source Milvus
A Beginners Guide to Building a RAG App Using Open Source MilvusA Beginners Guide to Building a RAG App Using Open Source Milvus
A Beginners Guide to Building a RAG App Using Open Source Milvus
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdf
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CV
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ..."I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWEREMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
 

Cloud security comparisons between aws and azure

  • 1. Cloud Security Comparisons between AWS and Azure By Abdul khan
  • 2. Author • Abdul Khan • IT Consultant based in Manchester, UK • Engineering Lead, Executive, Technologist, Architect • IT experience, within the private and public sectors (Retail, Banking, Digital, Insurance, M.O.D., HMRC, Aviation, Telecommunication, Housing Associations, Education, Travel, and Pharmaceutical companies). Excellent architectural and strong DevOps experience with proven-track record of delivering E2E, B2B and B2C solution on regional and global programs. • SME in specializing in providing integration, data migration, digital transformations to the cloud solutions (Azure and AWS) • Wealth of experience in global projects across EMEA, ASPAC and LATAM • Liked in profile https://www.linkedin.com/in/abdul-khan-uk/
  • 3. Content 1. Key Areas Of Cloud SaaS Security Patterns 2. Security Comparisons between AWS and Azure : Compliance and Regulatory 3. Security Comparisons between AWS and Azure : Identity Authentication and Authorisation 4. Security Comparisons between AWS and Azure : Secure Development, Operation and Administration 5. Security Comparisons between AWS and Azure : Privacy and Confidentially 6. Security Comparisons between AWS and Azure : Secure Architecture Security Comparisons between AWS and Azure
  • 4. 1. Key Areas Of Cloud SaaS Security Patterns Cloud Security Patterns Compliance and Regulatory Patterns • Data Citizenship • Cryptographic Erasure • Shared Responsibility Model • Compliant Data Transfer • Data Retention • Data Lifecycle • Intentional Data Remanence Identity Authentication and Authorisation Patterns • Multi-Factor Authentication • Federation (single -on) • Access Token • Mutual Authentication • Secure User Onboarding • Identity and Access Manager • Per-request Authentication • Access Control Clearance Secure Development, Operation and Administration Patterns • Bastion Server • Automated Threat Detection • Durable Availability • Economic Durability • Vulnerability Management and Privacy and Confidentially Patterns • End-to-End Security • Computation on Encrypted Data • Data Anonymisation • Process Purpose Control Secure Architecture Patterns • Virtual Network • Web Application Firewall • Secure Element • Secure Cold Storage • Certificate and Key Manager • Hardware Security Module • Secure Auditing
  • 5. 2. Security Comparisons between AWS and Azure : Compliance and Regulatory Category Pattern Solution In AWS Solution In Azure Compliance and Regulatory Data Citizenship Use AWS location Tags to designate the location for the data processing Azure information and location Tag. Azure FrontDoor Service Cryptographic Erasure Use AWS KMS Use Azure Key Vault Shared Responsibility Model AWS provides different Services to protect data and systems. AWS is only responsible for the availability and basic security of the cloud platform Azure provides different Services to protect data and systems. Azure provides is only responsible for the availability and basic security of cloud platforms Compliant Data Transfer AWS Location Tag Azure Location Tag Data Retention The Data retention policies can be defined and executed by AWS (e.g. Lambda) Azure provides option to define data retention policy in Database System Data Lifecycle AWS data lifecycle manager Azure blob storage lifecycle International Data Remanences Database (e.g. DynamoDB) Database ( e.g. Azure Database backup)
  • 6. 3. Security Comparisons between AWS and Azure : Identity Authentication and Authorisation Category Pattern Solution In AWS Solution In Azure Identity Authentication and Authorisation actor Authentication AWS Azure Multi-Federation (single -on) AWS SSO (Single Sign-On) Azure AD Seamless : Sign-On Access Token AWS SSO (Single Sign-On) Azure AD Seamless : Sign-On Mutual Authentication AWS TLS/SSL Certification, Certification Features of API Gateway (AWS Client VPN) Azure App Service Secure User Onboarding AWS customer on boarding Azure Security Centre Identity and Access Manager AWS IAM and Cognito Azure AP management & REST API authentication Per-request Authentication AWS Signing and Authenticating REST Requests AWS API Management & REST API Authentication Access Control Clearance AWS cloud watch and AWS Cognito/IAM Azure access control Service
  • 7. 4. Security Comparisons between AWS and Azure : Secure Development, Operation and Administration Category Pattern Solution In AWS Solution In Azure Secure Development, Operation and Administration Bastion Server AWS Bastion Host Azure Bastion Host Automated Threat Detection AWS GuardDuty Azure Advance threat protection Durable Availability AWS Cloud Watch, AWS WAF Azure Web Access Firewall & firewall application gateway Economic Durability AWS Cloud Watch Azure Monitor Vulnerability Management AWS Vulnerability scanning Vulnerability scan in Azure security centre
  • 8. 5. Security Comparisons between AWS and Azure : Privacy and Confidentially Category Pattern Solution In AWS Solution In Azure Privacy and Confidentially End-to-End Security AWS KMS, Certification Manager Azure Key Vault Computation on Encrypted Data NA NA Data Anonymisation Algorithms can be defined and ran by AWS Modules Azure Dynamic Data Masking on SQL databases Process Purpose Control NA NA
  • 9. 6. Security Comparisons between AWS and Azure : Secure Architecture Category Pattern Solution In AWS Solution In Azure Secure Architecture Virtual Network AWS Virtual Private Cloud (VPC) Azure Virtual Network Web Application Firewall AWS WAF Azure Application Firewall Gateway Secure Element AWS IoT Device Management Azure IoT Hub & loT Suit Secure Cold Storage AWS Glacier Azure Coldblob Storage Certificate and Key Manager AWS Certificate and Key Manager (AWS KMS) Azure Key Vault Hardware Security Module AWS CloudHSM Azure Dedicated HSM Secure Auditing AWS Auditing Security Checklist Azure Monitor, Stream, Network Watcher
  • 10. - END OF DECK By Abdul Khan – https://www.linkedin.com/in/abdul-khan-uk/