in the attachment, start answering the posted questions from page 18,
Running head: OPERATING SECURITY AMAZON
OPERATING SECURITY AMAZON
Colorado Technical University
Operating Systems Security CS652-2003A-01
July 22nd , 2020
Amazon is a multinational organization dealing with online retailing of products and services founded by Jeff Bezos. Bezos’ named it the “regret minimization framework” because he regretted not having invested in the online, internet platform, yet it was an encouraging environment. The internet was becoming the big thing as technology progressed in the early 1990s. Jeff Bezos being the creative investor he has always been, left his position as the vice president of D.E. Shaw & Co. and moved to Seattle, Washington, where he incubated the business idea that later becomes Amazon (D’Agostino, 2018).
Table of Contents
Origin of Amazon 4
The emergence of Amazon Online Book Store 5
Amazon’s Principles 6
Amazon’s Computing Environment 6
AWS Global Infrastructure Security 9
Amazon’s Internal Systems Connection 10
Benefits of Operating Systems Security Policies 10
Operating System Security Tools 11
Tools to prevent OS Security threats 12
Antivirus Software 13
Browser settings and Filtering Software 15
Implementation and Justification 15
Protecting the Organization 16
Protect your Clients 16
Enjoy online money services 16
Built-in Security Analysis 17
On July 5, 1994, Cadabra, Inc. was incorporated as a company in Washington State by Bezos. However, after a few months, he changed the name to amazon after thorough research from the dictionary on a unique name that signified “different and exotic” as he envisioned his enterprise’s future. Amazon River, where the name amazon derived from, is the largest river in the world. Bezos’ planned to move his store to every part of the world, also Amazon had alphabet “A” which signified it would appear first in the alphabetical arrangement when searching for online shop (Goal et al. 2020). He started amazon as a book store online retailing at affordable and fair prices with delivery at the clients door step. During the initial , Amazon started its operation in Bezos’ house garage in Northeast 28th Street in Bellevue, Washington. Relentless, the domain name for amazon was purchased in September 1994 and still is owned by Bezos as the domain name for amazon used to redirect the retailers (Aćimović et al. 2020). Bezos was interested in building his brand online, and virtually without any fear of being copied, he was sure of the viability of his venture and give it all his best a fruitful success we all enjoy worldwide today.
Bezos had been analyzing s from the company’s future projections and discovered that the annual web commerce growth was already at 2,300%. These figures trigger him to develop a list of 20 items that could be sold online and narrow them down to five; books, compact discs, computer software, computer hardware, and videos. He finally decided to venture into books selling due to the worldwide need for literacy, which is a field that will always be green. The initial capital of the platform was $250,000, which Bezos got from his parents. There were many books available, and their unit price was quite fair, and he was able to start at a good momentum. In July 1995, Amazon began its online book store services, selling its first book on fluid concepts. After two months, all 50 states were shopping for books from amazon and more than 45 nations. The growth was so drastic that in two months, the company made a public announcement, with a total sales of $20,000 per week. In 1996, it was incorporated into Delaware and got into the stock market in 1997, selling it first stock at $18 under the NASDAQ stock exchange (D’Agostino, 2018).
Amazon continued its growth during the late 1990s but was shocked by the dot-com bubble that destroyed many of the then e-companies in 2001. However, Amazon survived and got back on its feet one year later. The company profit margins started rising and became steady, proving that Bezos’ grand architecture was viable and well thought. In the present, by 2011, Amazon has employed 30,000 employees operating on a full-time basis, and an astonishing 180,000 full-time employees by 2016 (D’Agostino, 2018). The critical thing towards the growth of this organization is creditable to the sophisticated web infrastructure developed to ensure the security of both company and client data. In the subsequent sections, we will consider the design that makes the Amazon online platform stand out in the tech industry.
Amazon is the founder of four principles that propel all its functionality both online and in the physical arena. The laws are; customer satisfaction, not competition-oriented, passion for creativity and invention, operational excellence, and long-term futurist thinking. The company operates in an environment that ensures the growth of the company, employees, and clients, benefiting all its stakeholders. To ensure consistency in service and product delivery in the online platform, Amazon has invested heavily in the security of its data and its clients through UNIX, open-source, and windows operating systems in their computing environment (Stallings, 2018). Understanding the intricate design of the computing environment behind the Amazon platform will help in recommending and acknowledging how secure their systems are (Aćimović et al. 2020). We will focus on how the company endeavors to protect the online usage from the high-risk environment offered by the internet.
Amazon Web Services (AWS) security responsibilities ensure the global infrastructure that runs the company’s services offered in the AWS Cloud is well secured and protected. This infrastructure comprises hardware, software, networking, and all other features and facilities running the AWS. When computer systems moved to the cloud, the company has to secure its information because it is shared. The AWS allows Amazon to restrict usage and control data removed from the sites. Amazon employs the shared security responsibility model that reduces operational cost and improves security without additional resource input. The responsibility shared between the company and cloud service providers, where AWS is responsible for infrastructural security of the cloud system.
Figure 1: The Shared Security Responsibility Model
Amazon has the best technical team offering sufficient company services in the protection of products and services. They also ensure that the company’s computer servers are well configured to security firewalls and can automatically detect invasion and shut down the loops. Amazon deals with door delivery and online payment from clients; the website, therefore, has sensitive information about the client like location, home address, name identification, and credit card details. If hacked, this information is a potential threat to the company and the customer, which will bleach the customer service provision (Robischon, 2017). Therefore, AWS offers accounts that the clients sign into in their cloud website where the company secures them. Virtual servers, databases, storage, and desktops together with cloud-based analytics and tools that allow the data need to be retrieved and stored securely. AWS has products responsible for securing the OS of guests, and storing the data they update within the company profile their account (Amazon EC2) (Aćimović et al. 2020). These application softwares are responsible for creating firewalls. The AWS management services e.g., Amazon RDS or Amazon Redshift, provide the required resources to perform different tasks within the company website. These management services ensure all the user needs are meet without delay and cater to all the necessary functionality errors done by the user. However, the user is required to protect their AWS account using the Amazon Identity and Access Management (IAM) so that every user has a unique credential secured. The use of multi-factor authentication (MFA)used for each account, which connects the API setting and SSL/TLS to the AWS resources (Solanki, 2019). These are all parts of the amazon cloud architecture.
Figure 2: Amazon Cloud Architecture
AWS carries out its functions in a global cloud environment allowing a variety of computing resources like storage and processing. The AWS global infrastructure has hardware, software, network, and host OS, enabling it to support the services it offers. Among the decision to increase its security, Amazon’s internal structure uses a UNIX operating system with its well-enabled platform to secure all the data and cloud-based information remotely (Robischon, 2017). UNIX operating system is defined as more stable and secure, reducing the need for more infrastructure for securing the OS. AWS has developed a compliance program that allows the users to understand how they operate, and the security architecture is searing their data (Solanki, 2019). AWS is declared one of the most secure web architectures globally, offering the best infrastructure of computing its clients (Aćimović et al. 2020). One of the many reasons Amazon has succeeded over the years.
Amazon employs AWS’s direct connection in its internal systems, a cloud service that establishes an automated network connection between the company’s computers and the AWS cloud services. AWS enables data centers, offices, and other colocation environments of amazon access cloud network remotely, reducing the cost of fiber, increasing the throughput bandwidth, and consistency in networking expertise compared to internet-based connections. The use of UNIX, open-source, and Windows operating systems allows amazon to enjoy unlimited access to the cloud for its employees and clients (Aćimović et al. 2020) (Solanki, 2019). The security detail in these operating systems allows the clients to access the AWS direct connection virtually through public or private networks.
Implementing operating systems will increase the company’s protection against external threats and attacks on their data and systems. Security policies are an excellent method of ensuring constant security checks, whether there is a threat or not, and maintaining the overall health of a computer. These security policies ensure that the company is always on toes, and surveillance of its infrastructure done often to eliminate any threats that may arise without being detected (Robischon, 2017). Security policies guard principles on how security should be maintained and resolutions parties in case of an attack. OS security policies guarantee the firm that regardless of any threat, there is a mitigation process already pre-designed to handle the challenge. These policies allow the company management to operate without fear and engage in more risky but profitable ventures rather than anxious to wait for the unknown (Solanki, 2019). Development and implementation of OS security policies is a form of insurance, where the company designed to protect itself from arising attacks and threats to its systems.
UNIX operating systems security tools include; wire shark, NMAP, and Malware, antivirus scanners. Wire shark earlier called Ethereal is a tool for analyzing system administrators. NMAP is a security scanner while a malware and antivirus scanner checks from viruses and Malware attacking the Linux operating systems. Linux is more stable and secure; that is why most companies like amazon prefer them for their database and internal operations (Stallings, 2018).
Open sources operating systems security tools include; osquery, GoAudit, and Grapl. Grapl is a new open-source tool that released in March 2020. It is a Graphical Analytic Platform for detecting forensic and incidence responses. Grapl attempts to identify graphics from logs. Osquery is an operating system with low–level analytics and monitoring tools that enable engineers to perform complex analyses using SQL (Stallings, 2018). GoAudit is a Linux Audit system that hooks and monitors syscalls and writes audit records to disk using auditd.
Windows operating systems security tools include; firewalls, antivirus software, and penetration testing. Antivirus software is applications installed in operating systems to eliminate viruses and Malware that attack the computer files. Firewalls are choke enters where traffic flows through and controls local security, ensuring unauthorized traffic is not allowed to pass (Stallings, 2018). Penetration testing verifies if the operating system is secure enough by attacking the operating system and confirming if it is possible to hack through it. Penetration testing can be automated or manual.
These tools can be employed to improve security for both the client and the company offering the services. Amazon has a well-established team of experts and an online platform that allows users to understand the threats and recommend the necessary measures to reduce the risks (Stallings, 2018). The customer services at Amazon is automated due to long term experimentation by the real time customer service providers. Unique cases forward for a personal customer help service (Griffiths, 2018).
OS security threats refer to the manipulation of the services that are offered by the system and the network so as to access or destroy the user’s information. Threats to any operating system can be used to launch a series of attacks on the on various programs. This gives the perpetrator the ability to misuse OS resources and user files. There are however a number of tools that are used in the detection and prevention of threats aimed at the operating system in the organization.
A firewall is a barrier that blocks unauthorized users out and prevents them from accessing a private network. The firewall gets to monitor the network traffic in which your operating system operates and can block unwanted traffic. Most computers on a daily basis, use the internet, and that’s where most attackers reside (Digicert, 2020). In this case, attackers launch attempts through the internet to see whether there is any vulnerability on one’s firewall that they can exploit. Therefore, a proper firewall will guard the organization’s systems from attacks. There are two types of firewalls, the client and appliance firewall (Ferguson, 2008). While the client firewall is software that offers security on the individual computer by monitoring the network traffic, the appliance firewall on the other is a hardware that is connected between the internet and your computer.
Those who make use of the client firewall installed in their system take the maximum security measures as possible in the case upon which connections are made on networks that they do not trust. These types of firewalls are mostly used in an organization that has a small network environment where computers share the same internet connection. In cases where Wi-Fi routers are used, extra security is usually provided on the internet as these routers have an already existing firewall in place. However, the firewalls they possess are generally not strong enough to stop attacks of a substantial magnitude.
Antivirus software refers to a program that that has been devised with the sole purpose of shielding computers against viruses, spyware, botnets, keyloggers, and other malware-like programs that are meant to cause harm to the operating system. Periodically, an antivirus will scan the computer to try and detect any viruses that may have been installed. It will, after that, remove the viruses if any are found. Also, before a program is installed on the computer, the antivirus ensures that the program has been checked for any embedded malware. If located, the program will not be allowed to install (Comodo, 2020). Antiviruses are usually incorporated with the ability to filter out malware automatically. However, one can manually summon a scan if need be. Since there are always new infectious programmed created every day, antiviruses should continually be updated to ensure that their database has the filter for the most recent virus codes.
Antiviruses recently have been given the ability to refresh their database automatically and frequently. The user is therefore protected daily as long as they have it installed. There is antivirus software for all operating systems, but most of them are usually developed to be used in Windows OS. The reason for this can be associated with the degree in which attacks are launched on the Windows operating system. Most infectious programs developed are usually aimed at the windows operating system, thereby making windows OS the most vulnerable to attacks. It is therefore essential for those using windows OS to ensure that the proper third party antivirus program is installed. The effectiveness of an antivirus depends on the features that it has. The best antivirus ensures that it has a deny protection as its default setting.
The deny protection feature ensures that suspicious files are denied entry by default. The antivirus software should also have the auto-sandbox technology. This is an exclusive feature in which files that haven’t been recognized by the system and those that the system deems suspicious are secluded and later checked for malicious activity without hindering the normal operations of the system. The containment technology should also be included in the package to ensure that executable programs are reviewed for malicious code before they are allowed to run. Finally, a proper antivirus will have the host intrusion protection system (HIPS) technology. The Hips feature performs its prevention functions with specific protocols. This feature automatically terminates any activity that is running once a malicious activity has been found hence preventing the malware from causing infections to the rest of the system.
Browsers are computer programs with proper use interphase that helps individuals navigate through the internet in an operating system. Browsers, therefore, are links to the internet, and this too, if not checked, can prove to be an access point for attackers to have access to your system. Browsers, however, are usually created with security settings that will give the user the ability to set them to the level that they will feel secure. They provide a measure of security through filtration of content that is being accessed through it. To get rid of unwanted material and programs from the internet, it is proper that filtering software is purchased. Advanced blocking software will give one the ability to set boundaries to sites, images, and texts that one is exposed to. It will be able to block specific web addresses that contain harmful content, filter programs through blocking certain words and phrases, and finally monitoring the sites the user visits and flags them for incase they provide information damaging to the user’s computer.
The proper security tool is necessary for any organization, and therefore, each organization should set aside adequate finances to cover for these expenses. However, given their magnitude of costs being incurred periodically in purchases and maintenance, organizations may choose not to incur them. On the other hand, they may go for a one time purchase with the intention that it will last a lifetime. There are, however, important reasons for securing proper security tools.
The reason as to why investments are made in security tools by any organization is to shield itself from cyber-attacks. Since most businesses conducted by the Amazon organization rely on the internet, it would only be proper to reduce the extent to which the organization is exposed to these risks. When such uncertainties materialize to attacks, organizations end up losing more than what they would have used to purchase proper protection. According to done statistics, organizations end up spending an average of $879,582in recoveries after an attack (Application Security Series, 2019. These amounts are nothing compared to the amount they would have used in purchasing proper security equipment. Far from the losses, an organization that has been a victim to cyber-attacks will also be subject to a ruined reputation, which is also very expensive to recover.
Any organization in business has the responsibility to keep its clients’ information safe away from unauthorized users. All those customers that engage in business with your organization do so with utmost confidence, and they intend to keep their information secret. When customers realize that their information is not safe within the perimeters of your organization, they end up cutting off the engagements they have with the organization. A study that was performed in 2019 showed that over 3000 online clients would abandon having dealings with your organization after they realize that there was a data breach, and their information ended up in unauthorized hands (Application Security Series, 2019).
Online money transfer and banking are some of the many advantages that came with the internet. Organizations in business will no longer have to wait in long queues to make transfers. Any organization that intends to enjoy these benefits should ensure that it has proper security to protect the money they are yet to receive and that which they already did. When these protection measures are not established, the sensitive information related to banking may end up into the hands of hackers. Such information could then be used to cost the organization hundreds of thousands of dollars if not millions. Integrating security technologies will prevent the organization from incurring such expenses.
Built-in security varies depending on the system in question. Windows OS is the most widely used operating system has been on the limelight when it comes to attacks. Windows has a built-in firewall that has the capabilities of preventing minor attacks and unwarranted users from accessing your system. However, through third-party applications, the windows firewall can still be hacked. Windows has its anti-malware utility install that offers average security for those with no antivirus installed (Stobin, 2020). This, however, is not strong enough. Windows will need to make an upgrade to their firewall to fix any endpoints that may present loopholes for hackers to penetrate. Those who are using windows will have to install third-party antivirus software and, in other cases, purchase browser filtering software.
UNIX operating system, on the other hand, has always had the upper hand over windows in terms of security. UNIX has a multiuser architecture, and this promotes an increased amount of minimized trust that makes it more secure as compared to the single-user design that is embraced by windows. Since UNIX has given its users access to the open code, developers are, therefore, able to find and fix bugs quickly, making the system more secure (Acohido, 2020). UNIX faces the weakness in its security in that it has failed to learn from the vulnerabilities that windows have faced in the past, and therefore, their system has never faced any real threat. Even though there are antiviruses that have been developed for the UNIX operating system, this OS still stands secure without them, and so those in use of it are secure.
Open-source operating systems, just like the UNIX OS, promote a higher degree of security. They, however, don’t have the ability to have a better security strategy as compared to closed operating systems. Open-source operating systems present to their users a superior security rollercoaster since it is easier to spot vulnerabilities and fix them before anyone has an opportunity to exploit them (Acohido 2020). This security advantage is because more people are trying to find these vulnerabilities. With minimal third party measures such as antiviruses in place, open-source operating systems cannot be considered the most secure operating systems, but they also cannot be ignored since they provide a particularly strong fight in security measures.
Aćimović, S., Mijušković, V., & Milošević, N. (2020). Logistics aspects of goods home delivery: The case of Amazon Company. Marketing, 51(1), 3-11.
D’Agostino, J. L. (2018). The Impact of E-commerce on Brands: An Analysis of Amazon and a Plan for the Future (Doctoral dissertation, University of Oregon).
Goel, P., Verma, P., Al Mutairi, Q., Bhardwaj, R., & Tyagi, S. (2020). Customer Experiences, Expectations, and Satisfaction Level towards Services Provided by Amazon. International journal of Tourism and hospitality in the Asia Pacific, 3(1), 89-101.
Griffiths, P. (2018). Industry voices: Amazon insider. Ragtrader, (Apr 2018), 24.
Robischon, N. O. A. H. (2017). Why Amazon is the world’s most innovative company of 2017. Fast Company Magazine, 2.
Stallings, W. (2018). Chapter 15, Operating System Security. In Operating Systems: Internals and Design Principles (8th ed., Vol. 2). Prentice-Hall.
Solanki, K. (2019). ‘To what extent does Amazon. Com, Inc.’s success accredited to its organizational culture and ND Jeff Bezos’s leadership style? Archives of Business Research, 7(11), 21-40.
Comodo. (2020). Antivirus Security. Comodo Security. https://antivirus.comodo.com/security/define-antivirus.html
Digicert. (2020). The Importance of Using a Firewall for Threat Protection. Is Antivirus Protection Enough? Digicert. https://www.websecurity.digicert.com/security-topics/importance-using-firewall-threat-protection
Ferguson, B. (2008). DEFENDING YOUR COMPUTER WITH TECHNOLOGY TOOLS. Washington State, Office of the Attorney General. https://www.atg.wa.gov/defending-your-computer-technology-tools
Application Security Series. (2020). 4 Reasons Why Your Company Should Use IT Security Software. Immuniweb. https://www.immuniweb.com/blog/4-reasons-why-use-cybersecurity-software.html