Share these talks and lectures with your colleagues
Invite colleaguesPractice paper
Differences between traditional network security and security in the cloud
Cyber Security: A Peer-Reviewed Journal,
8
(3),
281-298
(2025)
Abstract
Serverless computing is transforming cloud application development by removing the need for infrastructure management, enabling developers to focus on writing and deploying code. This cloud-computing execution model offers significant advantages in cost-effectiveness, scalability and operational efficiency, with cloud providers dynamically managing server allocation, scaling and maintenance. Prominent serverless computing services include Amazon Web Services (AWS) Lambda, Azure Functions and Google Cloud Functions, facilitating faster development cycles and improving application performance. Security remains a critical concern as the serverless computing market grows. This paper focuses on AWS Cloud security, exploring the differences between traditional network security and cloud security and emphasising the challenges unique to the cloud environment. It advocates for a defence in depth strategy, which employs multiple layers of security to protect cloud infrastructure. The paper underscores the AWS shared responsibility model, which clearly outlines the security responsibilities of both AWS and its customers. It also explores the AWS Well-Architected Framework, which provides best practices for constructing secure, reliable and efficient cloud workloads. Additionally, it discusses the significance of a well-designed landing zone in AWS for managing multi-account environments and ensuring security through multilayered protection mechanisms, including identity and access management (IAM) policies, resource policies, data encryption and network security. In conclusion, the adoption of comprehensive security strategies, such as defence in depth and the utilisation of AWS tools and best practices, is not just beneficial but crucial for enterprises to secure their serverless computing environments. These measures play a pivotal role in mitigating risks, enhancing security postures and fully leveraging the benefits of serverless computing, thereby driving digital transformation initiatives.
Keywords: serverless computing; cloud security; identity and access management; defence in depth; shared responsibility model; well-architected framework; multilayered protection
The full article is available to subscribers to the journal.
Author's Biography
Ilya Verbitskiy has over 20 years’ experience as a solution architect in banking, finance and e-commerce, developing complex software in large and small teams. Before starting his own business, he worked for several multinational companies in Europe, Asia and North America. Ilya founded WebStoating Pte. Ltd, an agency helping companies create successful online businesses. He uses the Agile approach and Lean Startup methodology to minimise time to market while paying particular attention to the security and quality of the final product. His fields of interest include cloud-native solutions and high-load architectures. Ilya continuously shares his knowledge by speaking at user groups and conferences and contributes to open-source projects.
