AWS is the most widely deployed public cloud infrastructure as a service (IaaS) solution in the world and is a leader in Gartner's Magic Quadrant for IaaS (see "Magic Quadrant for Cloud Infrastructure as a Service"). AWS offers a large number of built-in security capabilities (see Note 1), and questions on the proper practices for securing workloads in AWS are increasing.
AWS is a not a "consumer grade" IaaS cloud. It is a market leader, with a portfolio of security capabilities and security ecosystem partners unmatched by other IaaS providers. However, simply moving existing workloads to AWS without rethinking security tools, processes and system management will result in workloads that are less secure than they were when located within enterprise data centers. Conversely, a properly managed and secured workload in AWS will be at least as — and, in most cases, more — secure than in an enterprise data center.