Few of us could have predicted that data breaches would become so commonplace and become part of the great news cycle. It almost seems like there are daily leaks reported, like compromised Facebook accounts or leaks from major corporate credit card accounts. With the proliferation of web and mobile applications aplenty, there is also a constant stream of negative press linked to criminal intrusions into corporate data warehouses. Fortunately, there is a smart choice for those who want to deploy a new website, application, or cloud service and how that could open up an attack vector. AWS VPC (Virtual Private Cloud) provides a secure, isolated virtual cloud for businesses to deploy websites, applications, and other services. It is a private, provisioned part of Amazon's virtual cloud and has the extreme flexibility and scalability to help a small startup launch a new website or a massive business deploy a new web application. Security is a primary reason to use AWS VPC, but there's also the flexibility to configure the virtual cloud as needed to run it. This may include using IPv4 or IPv6, setting your IP range, creating subnets, and configuring gateways and routing tables. An example of how it works is with subnets. A large company may decide to use VPC because it has applications open to the public and private. By releasing a rich new application to consumers, they could create a subnet that is always secure and reliable. However, they may also need a second subnet, configured according to their technical requirements, that is not available to consumers or the public Internet. The private subnet can only be used for a legacy backup system or a secure database used only by internal employees who access the server through a private network and not the Internet. This kind of control over what your web server can do in the cloud, for public and private applications, means you can take control of your security infrastructure. Within subnets, you can use EC2 (Elastic Compute Cloud) instances that you deploy and control instead of relying on a data center on your own site and having to configure, maintain and upgrade IT infrastructure for your different applications and data warehouses. . Since the VPC is part of Amazon Web Services, you can also deploy Amazon S3 (Simple Storage Service) on each instance and even restrict which AWS account can access the subnets. One way to understand how it all works and the benefits is to think of the VPC as a private container for your web applications, each secure and restricted to reduce the risk of data breaches.