Fundamentals of Data Protection on AWS
In this solution brief, you'll discover the fundamentals of data protection on AWS. Follow along to learn how to safeguard your data.
Keeping Data Confidential
To keep your data confidential on AWS, implement server-side encryption for data at rest in AWS storage and database services. Additionally, use AWS Key Management Service (KMS) to store and manage your encryption keys. For data in transit, enable HTTPS (TLS) to ensure that your data is encrypted during transmission.
You can enhance the trustworthiness of your data and resources by using AWS KMS and AWS Certificate Manager (ACM) across all accounts in your organization. This broad security coverage helps ensure that your data is protected and that you can manage TLS certificates at scale, which is essential for maintaining integrity and authenticity.
Control Over Personal Data
To maintain control over your personal data, consider using AWS Secrets Manager to protect database access credentials and AWS Private CA to manage certificates for Kubernetes pods. Additionally, leveraging tools like Amazon Macie can help you discover and classify sensitive data, ensuring compliance with privacy regulations and enhancing your overall data governance.