Amazon called out over cloud security, secrecy

'Will not discuss' data centre policy preventing organisations from assessing the risk posed by placing enterprise applications in EC2

Amazon's cloud computing service should not be used for applications that require advanced security and availability, the Burton Group analyst firm says in a report accusing Amazon of secrecy regarding its cloud data centers.

Amazon has helped define the cloud computing market with its Elastic Compute Cloud (EC2), a service offering access to virtual server capacity over the Web. There are many things to like about EC2 and related platforms such as Amazon's Simple Storage Service (S3), but there are also numerous unanswered questions about Amazon's cloud infrastructure, according to the Burton Group.

Amazon seems to do a good job of network and physical security, but overall Burton Group gives the company "low marks for enterprise availability and security" because of a lack of transparency.

"Amazon maintains a strict 'will not discuss' policy regarding specific data center details. In Burton Group's opinion, this position is unacceptable because it prevents organizations from assessing the risk posed by placing enterprise applications in EC2," states a report titled "Amazon EC2: Is it ready for the enterprise?" written by Burton Group analyst Drue Reeves.

Amazon says its data centers meet Tier 4 specifications, with fully redundant power, backup power, networking and HVAC systems.

"However, no outside firm has inspected or audited Amazon's data centers to verify these claims," Reeves writes. "Due to lack of available information and audited inspection regarding Amazon's data centers, Burton Group cannot verify Amazon's availability claims."

Specifically, Burton Group says Amazon customers have no way of determining the "physical redundancy level and data protection" of physical components such as servers, storage devices, network and power infrastructure. Burton Group also faulted Amazon for replication rates in its Simple Storage Service and a lack of failover between data center regions.

Amazon spokeswoman Kay Kinton said the Burton Group report contains inaccurate statements. For example, the report says Amazon lacks SAS 70 security certification, when in fact Amazon does have that certification, Kinton writes in an e-mail to Network World.

"In terms of reliability, we often hear from our customers that AWS [Amazon Web Services] can achieve higher degrees of performance than they've been able to achieve on their own," Kinton writes. "Additionally, AWS gives users a great deal of control and visibility into a user's environment. Users can choose where to place their data, they can run their applications and back up to multiple availability zones and in the event of any service interruptions, they have access to a service health dashboard that gives regular updates on the service health. We also have features that provide monitoring, Auto Scaling and Elastic Load Balancing for even greater resilience in building applications. One of the main reasons customers use our services is the reliability that we're able to provide."

Kinton also noted that Amazon recently launched the Amazon Virtual Private Cloud (VPC), which connects a customer's existing infrastructure to a set of isolated cloud computing resources with a VPN connection.

"Amazon VPC enables enterprises to extend their existing management capabilities such as security services, firewalls, and intrusion detection systems to include their AWS resources," Kinton writes.

The Burton Group did give Amazon high marks for scalability and said it offers adequate performance. EC2's core strength is the ability to easily provision and load-balance virtual machine images, and compute-intensive applications that have small data sets and are built for parallelism will work well in the service, the analyst firm says.

However, Burton Group also says Amazon's management tools do not integrate adequately with the management tools used by enterprises today. EC2 is often a good fit when organizations need to defer large capital expenses, but Burton Group says the service is still not suitable for applications that store sensitive information, require identity management, high degrees of availability and high rates of I/O transactions.

In the Burton Group's opinion, the bottom line is that "Today, EC2 is a good fit for stateless, parallel, transient, scale-out applications. But gaps in EC2's security and availability, poor enterprise management integration, vendor lock-in potential, and input/output (I/O) costs prevent organizations from using EC2 for applications that process vast numbers of transactions, house highly sensitive data, have low recovery point objectives, and require system failover to save application state."

Follow Jon Brodkin on Twitter: www.twitter.com/jbrodkin

Join the PC World newsletter!

Error: Please check your email address.

Tags amazonamazon ec2CloudsecurityData Centre

Our Back to Business guide highlights the best products for you to boost your productivity at home, on the road, at the office, or in the classroom.

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Jon Brodkin

Network World
Show Comments

Essentials

Lexar® JumpDrive® S57 USB 3.0 flash drive

Learn more >

Microsoft L5V-00027 Sculpt Ergonomic Keyboard Desktop

Learn more >

Mobile

Lexar® JumpDrive® S45 USB 3.0 flash drive 

Learn more >

Exec

Audio-Technica ATH-ANC70 Noise Cancelling Headphones

Learn more >

HD Pan/Tilt Wi-Fi Camera with Night Vision NC450

Learn more >

Lexar® JumpDrive® C20c USB Type-C flash drive 

Learn more >

Lexar® Professional 1800x microSDHC™/microSDXC™ UHS-II cards 

Learn more >

Budget

Back To Business Guide

Click for more ›

Most Popular Reviews

Latest News Articles

Resources

PCW Evaluation Team

Michael Hargreaves

Windows 10 for Business / Dell XPS 13

I’d happily recommend this touchscreen laptop and Windows 10 as a great way to get serious work done at a desk or on the road.

Aysha Strobbe

Windows 10 / HP Spectre x360

Ultimately, I think the Windows 10 environment is excellent for me as it caters for so many different uses. The inclusion of the Xbox app is also great for when you need some downtime too!

Mark Escubio

Windows 10 / Lenovo Yoga 910

For me, the Xbox Play Anywhere is a great new feature as it allows you to play your current Xbox games with higher resolutions and better graphics without forking out extra cash for another copy. Although available titles are still scarce, but I’m sure it will grow in time.

Kathy Cassidy

STYLISTIC Q702

First impression on unpacking the Q702 test unit was the solid feel and clean, minimalist styling.

Anthony Grifoni

STYLISTIC Q572

For work use, Microsoft Word and Excel programs pre-installed on the device are adequate for preparing short documents.

Featured Content

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?