AEM in AWS - security | Community
Skip to main content
S
suhel7
October 16, 2015
Solved

AEM in AWS - security

  • October 16, 2015
  • 4 replies
  • 1021 views

Hello, we are in process of finalizing a new architecture where AEM would be hosted in a AWS cloud. I have read somewhere that any sensitive information/data should not be stored at the AEM level (in AWS cloud) since there is potential security risk there. If anyone has any pointers as to what that risk is and how can it be addressed, please do let me know. We are planning to use AEM 6.

This post is no longer active and is closed to new replies. Need help? Start a new post to ask your question.
Best answer by joerghoh

Any software which runs on AWS runs on systems owned by Amazon in an Amazon Datacenter, connected via Amazon networks, and operated by Amazon's ops teams.

Depending on your security requirements you can take that risk or not. But it's hard to give such an advice knowing nearly nothing about you, the data you want to store with AEM on AWS, and your special usecase.

kind regards,
Jörg

4 replies

smacdonald2008
smacdonald2008
Level 10
October 16, 2015

If anyone wants to learn from the experience of our AEM Managed Services team, who has been managing AEM in AWS for quite some time and has several security certifications, they should contact the AEM MS team. 

joerghoh
Adobe Employee
joerghohAdobe EmployeeAccepted solution
Adobe Employee
October 16, 2015

Any software which runs on AWS runs on systems owned by Amazon in an Amazon Datacenter, connected via Amazon networks, and operated by Amazon's ops teams.

Depending on your security requirements you can take that risk or not. But it's hard to give such an advice knowing nearly nothing about you, the data you want to store with AEM on AWS, and your special usecase.

kind regards,
Jörg

S
suhel7Author
October 16, 2015

Thank you Jörg, for your reply.

At this stage I can't reveal much details, but its for a FS company, there will be a lot of transactional data, sensitive customer information that AEM would need to display/parse. I am not too sure about the AWS security around AEM, but would like to know if:

1. some sensitive information (e.g. transactional data, customer info, etc) is to be stored at AEM, then what security parameters should be taken?

2. If everything is fetched at run time and the data is being stored in a temp session then what are the security parameters that should be taken.

3. any best practices around AEM in AWS for a FS company?

regards

Suhel

joerghoh
Adobe Employee
joerghohAdobe Employee
Adobe Employee
October 16, 2015

Hi,

please contact the data privacy and security officers of your customer. They are supposed to know if you can go with this kind of data to the cloud at all.

kind regards,
Jörg

Terms & ConditionsAccessibility statement

Loading footer...