When evaluating the security of a cloud solution, it is important for customers to understand and distinguish between:
- Security measures that the cloud service provider (AWS) implements and operates – "security of the cloud"
- Security measures that the customer implements and operates, related to the security of customer content and applications that make use of AWS services – "security in the cloud"
While AWS manages security of the cloud, security in the cloud is the responsibility of the customer. Customers retain control of what security they choose to implement to protect their own content, platform, applications, systems and networks, no differently than they would for applications in an on-site datacenter.