This post is the second in our series on AWS application management and associated best practices. You can find part one of the series here. In this part we are going to look at security and some things that need to be considered when moving your application to the cloud in general and AWS in particular.
Haven't we been doing this forever?
This is the first thing that many IT pros ask when we start talking about security. And the answer is yes, we have and many of those lessons that have been learned continue to apply. However, some things do change when you move to the cloud.
You are no longer responsible for physical security.
You are no longer responsible for patching the underlying hypervisor.
Depedending on the service that you are using, you may not be responsible for OS or application level patching either.