Growing demand for cloud services has led many organizations to move all of their applications and workloads to the public cloud and to become dependent on it. As a result, recognizing the security challenges of the cloud in general, and of AWS in particular, has become a difficult task.
To address this, here are some effective tips for securing your AWS accounts:
Use security groups: – To limit access to administrative services and databases, use AWS security groups. Avoid rules that allow 0.0.0.0/0 and permit only specific network ranges. Delete security groups that are no longer needed.
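The check a practitioner would run against the advice above, as an added example that is not part of the original article: it scans security-group ingress rules for administrative and database ports reachable from the whole internet, and lists groups with no ingress rules as deletion candidates. The data is a constructed list in the shape returned by EC2 DescribeSecurityGroups, so it runs offline; with boto3 you would pass `ec2.describe_security_groups()["SecurityGroups"]` instead. The group ids and the port list are assumptions for the example.

```python
"""Audit security-group ingress rules for world-open admin/database ports.

Added example, not from the original article. Runs over a constructed
list shaped like the `SecurityGroups` entries of DescribeSecurityGroups.
"""
from ipaddress import ip_network

# Ports that should never be reachable from arbitrary internet ranges (assumed list).
ADMIN_PORTS = {22: "ssh", 3389: "rdp", 3306: "mysql",
               5432: "postgres", 1433: "mssql", 27017: "mongodb"}

# Constructed sample data; group ids are placeholders.
SAMPLE_GROUPS = [
    {"GroupId": "sg-0aaa", "GroupName": "bastion", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []}]},
    {"GroupId": "sg-0bbb", "GroupName": "db", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 3306, "ToPort": 3306,
         "IpRanges": [{"CidrIp": "10.0.0.0/16"}], "Ipv6Ranges": []}]},
    {"GroupId": "sg-0ccc", "GroupName": "legacy-open", "IpPermissions": [
        {"IpProtocol": "-1", "IpRanges": [{"CidrIp": "0.0.0.0/0"}],
         "Ipv6Ranges": [{"CidrIpv6": "::/0"}]}]},
    {"GroupId": "sg-0ddd", "GroupName": "web", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []}]},
    {"GroupId": "sg-0eee", "GroupName": "unused", "IpPermissions": []},
]


def is_world_open(cidr):
    """True if the CIDR is the whole IPv4 or IPv6 address space (prefix length 0)."""
    return ip_network(cidr, strict=False).prefixlen == 0


def rule_ports(perm):
    """Admin ports a permission entry exposes; protocol '-1' means every port."""
    if perm.get("IpProtocol") == "-1":
        return set(ADMIN_PORTS)
    if perm.get("IpProtocol") not in ("tcp", "udp"):
        return set()
    lo, hi = perm.get("FromPort", 0), perm.get("ToPort", 65535)
    return {p for p in ADMIN_PORTS if lo <= p <= hi}


def find_exposed_admin_ports(groups):
    """Return (group_id, port, service, cidr) for each admin port open to the world."""
    findings = []
    for g in groups:
        for perm in g.get("IpPermissions", []):
            cidrs = [r["CidrIp"] for r in perm.get("IpRanges", [])]
            cidrs += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
            for cidr in cidrs:
                if not is_world_open(cidr):
                    continue
                for port in sorted(rule_ports(perm)):
                    findings.append((g["GroupId"], port, ADMIN_PORTS[port], cidr))
    return findings


def find_empty_groups(groups):
    """Groups with no ingress rules: deletion candidates once confirmed unattached."""
    return [g["GroupId"] for g in groups if not g.get("IpPermissions")]


if __name__ == "__main__":
    for gid, port, svc, cidr in find_exposed_admin_ports(SAMPLE_GROUPS):
        print(f"{gid}: {svc} ({port}/tcp) open to {cidr}")
    print("candidates for deletion:", find_empty_groups(SAMPLE_GROUPS))
```

A group that has no ingress rules may still be attached to instances as a default, so confirm it is unattached before removing it.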
CloudTrail: – CloudTrail is an excellent resource for monitoring an AWS environment. It records activity across your AWS infrastructure, including API calls made through the console, the SDKs and the command-line tools. CloudTrail data is also very useful as input to solutions such as USM Anywhere.
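The kind of detection that makes CloudTrail data useful, as an added example that is not part of the original article or of any product the article names: it reads a CloudTrail log file in its delivered JSON `Records` format and raises alerts for console logins without MFA, use of the root account, and API calls that stop or alter the trail itself. The records are constructed; the account id is the AWS documentation placeholder and the addresses are reserved documentation ranges.

```python
"""Flag suspicious activity in a CloudTrail log file.

Added example, not from the original article. The records below are
constructed and trimmed to the fields the checks use.
"""
import json

# Constructed CloudTrail records (account id and IPs are documentation placeholders).
SAMPLE_LOG = json.dumps({"Records": [
    {"eventTime": "2024-05-01T08:00:00Z", "eventSource": "signin.amazonaws.com",
     "eventName": "ConsoleLogin", "sourceIPAddress": "198.51.100.7",
     "userIdentity": {"type": "IAMUser", "userName": "alice"},
     "additionalEventData": {"MFAUsed": "Yes"}},
    {"eventTime": "2024-05-01T08:05:00Z", "eventSource": "signin.amazonaws.com",
     "eventName": "ConsoleLogin", "sourceIPAddress": "203.0.113.9",
     "userIdentity": {"type": "Root", "arn": "arn:aws:iam::111122223333:root"},
     "additionalEventData": {"MFAUsed": "No"}},
    {"eventTime": "2024-05-01T08:06:00Z", "eventSource": "cloudtrail.amazonaws.com",
     "eventName": "StopLogging", "sourceIPAddress": "203.0.113.9",
     "userIdentity": {"type": "Root", "arn": "arn:aws:iam::111122223333:root"},
     "requestParameters": {"name": "management-trail"}},
    {"eventTime": "2024-05-01T09:00:00Z", "eventSource": "ec2.amazonaws.com",
     "eventName": "DescribeInstances", "sourceIPAddress": "10.0.1.5",
     "userIdentity": {"type": "AssumedRole",
                      "arn": "arn:aws:sts::111122223333:assumed-role/app/i-0abc"}},
]})

# CloudTrail API calls that weaken or blind the audit trail itself.
TRAIL_TAMPERING = {"StopLogging", "DeleteTrail", "UpdateTrail", "PutEventSelectors"}


def analyse_cloudtrail(raw_json):
    """Return (severity, eventName, reason) alerts for one CloudTrail log file."""
    alerts = []
    for rec in json.loads(raw_json)["Records"]:
        ident = rec.get("userIdentity", {})
        name = rec.get("eventName", "")
        ip = rec.get("sourceIPAddress", "?")
        who = ident.get("arn", ident.get("userName", "unknown"))
        if name in TRAIL_TAMPERING:
            alerts.append(("high", name, f"trail tampering by {who} from {ip}"))
        if name == "ConsoleLogin" and rec.get("additionalEventData", {}).get("MFAUsed") != "Yes":
            alerts.append(("medium", name, f"console login without MFA from {ip}"))
        if ident.get("type") == "Root":
            alerts.append(("high", name, f"root account used from {ip}"))
    return alerts


if __name__ == "__main__":
    for sev, name, reason in analyse_cloudtrail(SAMPLE_LOG):
        print(f"[{sev}] {name}: {reason}")
```

In production the same function would run on each file CloudTrail delivers to its S3 bucket, or on events forwarded through CloudWatch Logs; the `StopLogging` check matters because an intruder's first step is often to switch off the recording that would reveal the rest.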
IAM roles: – When an EC2 (Elastic Compute Cloud) instance is launched, an IAM role can be assigned to it. This eliminates the need to place AWS credentials on the instance in order to make API requests, and makes the environment considerably more secure. Moreover, if an EC2 instance that uses an IAM role is compromised, there are no stored credentials that have to be revoked.
Protect EC2 against termination: – Once an EC2 instance is deployed, it can be terminated through the API or the console. To prevent such terminations, enable ‘termination protection’ on your instances.
Usage of VPC: – VPC stands for Virtual Private Cloud. It is a network that runs inside your AWS account and provides security in several ways:
- It is isolated from other networks
- It is not routable to the internet by default
- Security groups and network access control lists can be applied to it to reduce the attack surface
RDS encryption: – To add another layer of security to RDS workloads, tick the ‘Enable encryption’ checkbox when deploying databases into AWS RDS (Relational Database Service).
Use load balancers: – Elastic Load Balancers assist with auto-scaling and can encrypt traffic in transit. They also integrate with AWS WAF (Web Application Firewall) out of the box.
Activate VPC flow logs: – VPC flow logs can be created for a network interface, a subnet, or the VPC itself. They record information about network traffic such as source and destination addresses, source and destination ports, packet and byte counts, and duration. Flow logs can also be used to find unexpected traffic and to check for indicators of compromise (IOCs).
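What "finding unknown traffic and checking IOCs" looks like in practice, as an added example that is not part of the original article: a parser for the default (version 2) flow-log record format followed by three checks, accepted connections to administrative ports from outside the trusted ranges, addresses that appear on an IOC list, and sources that accumulate many rejected connections. The records, the trusted range, the IOC list and the reject threshold are all constructed assumptions for the example.

```python
"""Find unexpected traffic and IOC matches in VPC flow log records.

Added example, not from the original article. The records below are
constructed in the default version 2 flow-log format, whose fields are:
version account-id interface-id srcaddr dstaddr srcport dstport protocol
packets bytes start end action log-status.
"""
from collections import Counter
from ipaddress import ip_address, ip_network

FIELDS = ("version account_id interface_id srcaddr dstaddr srcport dstport "
          "protocol packets bytes start end action log_status").split()

# Constructed records (documentation placeholder account id and addresses).
SAMPLE_RECORDS = """\
2 111122223333 eni-0a1b2c3d 10.0.1.10 10.0.2.20 49152 5432 6 30 6000 1700000000 1700000060 ACCEPT OK
2 111122223333 eni-0a1b2c3d 203.0.113.50 10.0.2.20 51000 22 6 12 1500 1700000000 1700000060 ACCEPT OK
2 111122223333 eni-0a1b2c3d 198.51.100.23 10.0.2.20 40000 445 6 1 60 1700000000 1700000060 REJECT OK
2 111122223333 eni-0a1b2c3d 198.51.100.23 10.0.2.20 40001 3389 6 1 60 1700000000 1700000060 REJECT OK
2 111122223333 eni-0a1b2c3d 198.51.100.23 10.0.2.20 40002 23 6 1 60 1700000000 1700000060 REJECT OK
2 111122223333 eni-0a1b2c3d 10.0.2.20 192.0.2.99 55000 443 6 200 80000 1700000000 1700000060 ACCEPT OK
2 111122223333 eni-0a1b2c3d - - - - - - - 1700000000 1700000060 - NODATA
"""

# Assumed IOC list (normally fed from threat-intelligence sources).
IOC_ADDRESSES = {"192.0.2.99"}
# Assumed ranges from which administrative access is expected.
TRUSTED_SOURCES = [ip_network("10.0.0.0/8")]
ADMIN_PORTS = {22, 3389, 3306, 5432}


def parse_flow_logs(text):
    """Parse flow-log lines into dicts, skipping NODATA/SKIPDATA records without addresses."""
    records = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != len(FIELDS):
            continue
        rec = dict(zip(FIELDS, parts))
        if rec["log_status"] != "OK":
            continue
        for key in ("srcport", "dstport", "packets", "bytes"):
            rec[key] = int(rec[key])
        records.append(rec)
    return records


def is_trusted(addr):
    """True if the address falls inside one of the trusted source ranges."""
    ip = ip_address(addr)
    return any(ip in net for net in TRUSTED_SOURCES)


def analyse_flow_logs(text, reject_threshold=3):
    """Return (kind, address, detail) findings for one batch of flow-log records."""
    findings = []
    rejects = Counter()
    for r in parse_flow_logs(text):
        # Accepted admin-port traffic from a source we do not recognise.
        if r["action"] == "ACCEPT" and r["dstport"] in ADMIN_PORTS and not is_trusted(r["srcaddr"]):
            findings.append(("unknown-admin-access", r["srcaddr"], r["dstport"]))
        # Either endpoint on the IOC list, regardless of direction or action.
        for addr in (r["srcaddr"], r["dstaddr"]):
            if addr in IOC_ADDRESSES:
                findings.append(("ioc-match", addr, r["dstport"]))
        if r["action"] == "REJECT":
            rejects[r["srcaddr"]] += 1
    # A source collecting many rejects across ports is probing the instance.
    for src, n in rejects.items():
        if n >= reject_threshold:
            findings.append(("port-scan-suspect", src, n))
    return findings


if __name__ == "__main__":
    for kind, addr, detail in analyse_flow_logs(SAMPLE_RECORDS):
        print(f"{kind}: {addr} ({detail})")
```

Records with a log-status of NODATA or SKIPDATA carry dashes instead of addresses and ports, which is why the parser drops them before converting numeric fields; a parser that does not will fail on the first quiet interval.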
With the above measures in place, you can substantially improve the security of your AWS accounts.