Published: 15 April 2015
Summary
Amazon Web Services is the most widely adopted cloud infrastructure-as-a-service provider. Here, we provide security professionals with best practices for the secure deployment of workloads in AWS, many of which apply to securing workloads in any IaaS provider.
Included in Full Research
- Understand Your Responsibilities in the Shared-Responsibility Model
- Get Visibility of Cloud-Based Workloads, and Activate CloudTrail
- Make Solid IAM Practices Your Foundation
- Bake Security Into the AWS Workload From Development
- Adopt a "No Patch" Strategy Where Possible
- Encrypt All Network Traffic — Treat AWS as an Extension of Your Own Data Center
- Use AWS Security Groups by Default, and Leverage a Third-Party Firewall for More Advanced Functionality
- Adopt a Workload-Centric Security Strategy
- Encrypt All the Data the VM Stores Locally by Default
- Don't Overlook the Support Protection Infrastructure for the Application and Associated Network Infrastructure Services
- Pressure Your Incumbent Security Vendors to Support AWS