Amazon Seeks to Improve AWS Security with New Controls
As more and more MSPs take advantage of services such as AWS, a familiar problem seems to raise its ugly head — data security. Nowhere has that become more critical in the growing NoSQL arena, where countless enterprises are beginning to leverage technologies such as big data and business analytics in the cloud. Amazon has heard the cries of the poorly protected and has instituted new security controls that bring default encryption scenarios into the management picture.
MSPs that are members of the AWS Channel Reseller Program now have access to simple-to-implement encryption tools and other features that bring an extra level of security to AWS storage options. Arguably, the most important is Amazon DynamoDB, which Amazon describes as a fast, flexible NoSQL database service with high scaling capabilities. It offers a pay-as-you-go pricing model and the promise of consistent, single-digit millisecond latency. According to (AWS) Premier Consulting Partner 2nd Watch, the demand for Amazon DynamoDB services is rapidly growing.
“We are seeing enterprise customers adopt new services at a much faster rate than in years’ past — products like Amazon CloudWatch, Amazon DynamoDB, AWS Lambda, Amazon Workspaces and AWS Glue. These products make provisioning, growing and monitoring of AWS incredibly easy, and allow enterprises to focus on their core businesses,” says Jeff Aden, co-founder and executive vice president of marketing and strategic business development at 2nd Watch. “Large enterprises are capturing the benefits of cost savings, while decreasing their time to market and increasing their ability to make informed decisions.”
Aden’s observations are backed by 2nd Watch’s ability to monitor the more than 600 enterprise workloads under its management and more than 200,000 instances in its managed public cloud. This only highlights the importance enhanced security brings to the DynamoDB market.
“Today we are giving you another data protection option with the introduction of encryption at rest for Amazon DynamoDB,” AWS spokesperson Jeff Barr wrote in a recent blog. “You simply enable encryption when you create a new table, and DynamoDB takes care of the rest. Your data (tables, local secondary indexes, and global secondary indexes) will be encrypted using AES-256 and a service-default AWS Key Management Service (KMS) key.”
The feature is available now in eastern parts of the U.S. (northern Virginia, Ohio); the West (Oregon) and the EU (Ireland).
“There’s no charge for the encryption; you will be charged for the calls that DynamoDB makes to AWS KMS on your behalf,” Barr adds.
The new at-rest encryption offering is another in a long list of enhancements since DynamoDB’s release back in 2012. Others include a backup-and-restore option, as well as an enhanced AWS Management Console. Those improvements and others make DynamoDB a valid choice for MSPs looking to build out big-data solutions for customers that have security concerns and might have to meet compliance requirements.
Today, protecting data at rest is becoming just as important as protecting data in motion, which in turn increases the liabilities of MSPs looking to engage new markets and develop new services and solutions that are data-intensive. Big data is thriving and is on the way to becoming a $200 billion industry by 2020, according to IDC. Cloud companies are obliging by rapidly rolling out services to support nearly every kind of big-data application. That includes Amazon, which announced at its re:Invent conference last fall enterprise-friendly upgrades to its DynamoDB NoSQL database.