Worried About Your AWS Security? Get To Know Some Best Practices

Scrolling through Instagram one Sunday afternoon, a meme popped up that hit Bill hard with a truth he'd been trying to avoid. 'Nothing kills a bad product faster than good advertising,' it said. What did it mean? To him, it said that if your product isn't ready for the market, then a successful ad campaign will attract customers, but all they will see is that your product isn't ready...not the message you want to be sending. 

Before you launch your production workloads in AWS, make sure your infrastructure is properly secured. When you are 100% sure that you're keeping your clients' data safe, and that your assets are secure, then you'll have the confidence to scale your business.  

Understanding and monitoring cloud security is a big ask for an entrepreneur who already has a daunting to-do list. But there are some of fundamentals of AWS Security and best practices even the busiest of entrepreneurs should understand. 

Start by getting to know very clearly what areas of cloud security are your responsibility, and what areas are the responsibility of Amazon Web Services. Broadly speaking, Amazon takes care of its AWS infrastructure, which includes the security configurations of its managed services, like Amazon WorkSpaces. This includes the physical security of their giant data centers, security of the underlying hardware and storage, and the patching of the virtual host servers that underlying all Amazon services.  

According to SkyHighNetworks Ajmal Kohgadai you, the customer, are responsible for ensuring your AWS environment is configured securely, data is not shared with someone it shouldn’t be shared with inside or outside the company, identifying when a user misuses AWS, and enforcing compliance and governance policies.

You can find out much more about the shared responsibility model that Amazon uses, which is well laid out in their Best Practices White Paper.

You should ask yourself these three key questions, according to security providers ThreatStack;

  • Who has access to which applications and when?
  • How do you monitor for key file changes?
  • Will you be notified in a timely manner if/when something anomalous occurs?

The answers to these questions will put you in the right frame of mind to develop a security strategy.

Bear in mind that the most common AWS security risks revolve around keeping track of all the cloud applications, users, logins and passwords are all being run in the cloud. The sheer volume of users can make monitoring your security hard to manage and being overly permissive with your user accounts tends to expose you to many more risks. Be aware that threats are not only external, but that trusted staff members who don't understand what they have access to, are also a liability. 

If you're too busy running your own business to become an expert in cloud security, then you should consider using a managed service like Amazon WorkSpaces, where most of the security and compliance issues are handled automatically, or find a small, dedicated team of cloud experts who can provide the security and confidence that your business deserves. 

Find our more about what WorkSpaces can do for your business. 

Get the Guide

About the Author

Nick Underwood

Nick Underwood has over 15 years of experience supporting IT infrastructures for businesses across a broad range of industries.


    Get Your Project Started With a Free Consultation

    Get a Free Consultation