By WalkingTree  March 15,  2021

Securing AWS Cloud

AWS Cloud offers many benefits, as such a growing number of people are now adopting cloud. However, there are chances that cloud adoption can lead to security risks. Avoiding these risks will mean building a comprehensive security strategy. Here’s how you can have a secure relationship with AWS Cloud.

Using Code as an Infrastructure

Deployment in a non-POC environment should come from an engine that takes code as input. Ideally, a Provisioning/Deployment engine would be best suited. We do this as manual deployments can lead to misconfigurations.

Set Security Perspective Goals

Our goal here is to build security into the system. As such, we should have a list of controls we can refer to while writing infrastructure code. For example, while writing our IaC, we can implement network-based guardrails.

Layered Approach to Security

In a multi-tenant cloud setup, while defining our IaC, it is imperative that we follow a zero-trust policy. It is ideal to have security at every unit of separation. This acts as a fallback in case things go wrong with one layer of security.

Cloud Security Tools

AWS comes with a comprehensive set of tools that we can use to enhance our security. Some of them include; WAF & Shield, GuardDuty, Macie, and Config.

Credentials Management

AWS cloud also offers various tools to ensure password security since this is a major challenge in cloud environments. Using credential storage solutions or vaults will greatly help with this. Additionally, having a rotation policy where you change your password at specific intervals will also build your security.

Read on to know more about the different tools you can use to build a comprehensive security strategy.

Blogs

Translate »
Privacy Preferences
When you visit our website, it may store information through your browser from specific services, usually in form of cookies. Here you can change your privacy preferences. Please note that blocking some types of cookies may impact your experience on our website and the services we offer.