Spend less time worrying about keeping your data secure or building custom solutions to monitor and manage your data and focus on deriving insights for the business. Amazon Redshift supports industry-leading security with built-in identity management and federation for single-sign on (SSO), multi-factor authentication, column-level access control, role-based access control, Amazon Virtual Private Cloud (Amazon VPC). With Amazon Redshift, your data is protected in transit and at rest. All Amazon Redshift security features are offered out-of-the-box at no additional cost to satisfy the most demanding security, privacy and compliance requirements. You get the benefit of AWS supporting more security standards and compliance certifications than any other provider, including ISO 27001, SOC, HIPAA/HITECH, and FedRAMP, helping satisfy compliance requirements for virtually every regulatory agency around the globe.
Best infrastructure security
Control network access to your data warehouse cluster through firewall rules. Using Amazon Virtual Private Cloud (VPC), you can isolate your Redshift data warehouse cluster in your own virtual network, and connect to your existing IT infrastructure using industry-standard encrypted IPSec VPN without using public IPs or requiring traffic to traverse the Internet. You can keep your data encrypted at rest and in transit. With AWS supporting more security standards and compliance certifications than any other provider, you can rest assured that compliance requirements for every regulatory agency are satifisfied
Continuous audit and compliance
Amazon Redshift integrates with AWS CloudTrail to enable you to audit all Redshift API calls. Redshift logs all SQL operations, including connection attempts, queries, and changes to your data warehouse. You can save logs to Amazon S3, access these logs using SQL queries and use AWS Artifact to access Redshift’ audit reports. Amazon Redshift offers a strong compliance framework and advanced tools and security measures that customers can use to evaluate, meet, and demonstrate compliance with applicable legal and regulatory requirements.
Comprehensive Identity Management
Access to Amazon Redshift requires credentials that AWS can use to authenticate your requests. Those credentials must have permissions to access AWS resources, such as an Amazon Redshift cluster. You can use AWS Identity and Access Management (IAM) and Amazon Redshift to help secure your resources by controlling who can access them.
Most granular authorization
Role-base Access Control(RBAC) helps you simplify the management of security privileges in Amazon Redshift and control end user access to data at a broad or granular level based on their job role/permission rights and level of data sensitivity. You can also map database users to IAM roles for federated access.