This week, we announced the availability of Alert Logic’s Web Security Managerfor Amazon Web Services (AWS). Why is security for web applications in AWS important? While AWS provides a strong security foundation, you have to do your part too. Securing the application layer is your responsibility and it often has compliance implications. Here are five things you should consider…
- It might be a requirement.
Do any of your applications store, process, or transmit credit card information? Do they store information like patient health information (PHI) or support organizations that do? Is your company publicly traded? If yes, your application probably faces compliance requirements like:
- State Privacy Information Privacy mandates
If so, you will likely need a code review, a web application security scanner, or a web application firewall.
- Web applications are the top target of hackers.
The April 2013 Alert Logic State of the Cloud Security Reportfrom April 2013 reveals that web application attack vectors are the most significant threat for cloud environments. Using data from more than 1,800 customer sites, Alert Logic uncovered that web attacks impacted 52% of cloud customers.
- There’s no one type of web application attack
Web attacks are varied and constantly evolving. Web application security group OWASPpublishes the top 10 more serious security risks in web applications. The list contains many different types of attacks, from injecting malicious code to forging HTTP requests and more. Malicious actors have multiple options to do harm.
- Successful web application attacks can cost you…a lot
Estimates for the total annual cost associated with web application attacks vary widely … from tens to hundreds of millions of dollars in the USA alone. Downtime, fines and lawsuits, and loss of customers and customer good-will can harm or even cripple any business.
- Web application security is good for business
Last but not least, it makes good business sense to secure your web applications. They’re often the face of your brand and a path to the rest of your IT environment. They hold important customer data. It takes more time to resolve a successful security attack than it does to prevent it in the first place. So to keep your business running smoothly in AWS, you need to address application layer security. What do you think? What other reasons are there to consider security for your applications running in the cloud? Leave a comment below and let us know what you think. To learn more about web application and other security solutions for AWS from Alert Logic, visit the AWS Cloud Security section of our website.