This paper discusses what part of the shared responsibility equation customers are responsible for and what some of the recommended security practices are that can help create a secure cloud-computing environment.
Amazon Web Services (AWS) has set high standards for the entire Infrastructure as a Service (IaaS) industry by building a solid foundation with comprehensive administrative, physical and logical controls — from strict policies for physical access to its data centers, to well thought-out configuration change management procedures.
However, a secure foundation is just the start and to build an end-to-end secure computing environment, organizations must take an active role in protecting systems, applications and data as part of the AWS shared security model….