A key advantage of AWS is that it is dynamic and can be scaled according to need. That advantage, however, can cause security nightmares. With that in mind, here are 5 easy tips to ensure that you keep up your end of the bargain.
1. Apply least privilege when assigning permissions. What does this mean? It means using either the templates AWS provides or ones you create yourself to ensure that users are not given more access than they require. This is especially critical for programs that are granted API access. Do not over-permission, and control privileges carefully.
2. Create strong IAM policies and continually monitor them. AWS allows MFA. Use it for privileged accounts. Similarly, create and enforce policies to ensure that passwords are appropriately complex and secure for all accounts. Ensure that your security groups are properly configured and permissioned.
3. Secure your S3 buckets. At CloudCheckr, we conducted a random review of 400 accounts and found that over 30% of all users had S3 buckets with ‘view’, ‘edit’, or ‘upload/delete’ permissions set to everyone. This allows malicious users easy access.
4. Monitor your resource usage. Effective security requires vigilance. You should set CloudWatch alerts and pay attention to your regular utilization metrics. CloudWatch offers basic utilization metrics that are appropriate for small deployments. Advanced users typically require more in-depth analytics that look deeper into utilization and extend beyond CloudWatch’s 2-week reporting period. These solutions are available from a variety of third-party providers. Without comprehensive analytics and awareness, it is far more difficult to accurately assess CloudWatch alerts and detect unusual activity.
5. Track changes to your deployment. Given AWS’ dynamic nature, even a medium-sized deployment undergoes numerous changes on a daily basis. Each change needs to be monitored to ensure that proper configuration, IAM, and security protocols are followed. The tracking can be done either manually or with an automated tool.
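For tip 3, one way to check bucket ACLs for grants made to everyone, as an added example that is not CloudCheckr's or AWS's own code. It takes dicts in the shape that boto3's `get_bucket_acl` returns; the bucket names, owner IDs, and the high/medium severity labels are constructed for illustration.

```python
# Added example: flag S3 bucket ACL grants made to everyone.
# Input dicts follow the shape returned by boto3's
# s3.get_bucket_acl(Bucket=name); the sample data below is constructed.
PUBLIC_GROUPS = {
    "http://acs.amazonaws.com/groups/global/AllUsers": "everyone",
    "http://acs.amazonaws.com/groups/global/AuthenticatedUsers": "any AWS account",
}
# Permissions that let the grantee modify the bucket's contents or its ACL.
WRITE_CAPABLE = {"WRITE", "WRITE_ACP", "FULL_CONTROL"}

def public_grants(acl):
    """Return sorted (audience, permission, severity) tuples for public grants."""
    findings = set()
    for grant in acl.get("Grants", []):
        grantee = grant.get("Grantee", {})
        audience = PUBLIC_GROUPS.get(grantee.get("URI"))
        if grantee.get("Type") != "Group" or audience is None:
            continue  # grant to a specific account or user, not a public group
        perm = grant.get("Permission", "")
        # Severity labels are this example's own convention (assumption).
        severity = "high" if perm in WRITE_CAPABLE else "medium"
        findings.add((audience, perm, severity))
    return sorted(findings)

def audit(acls):
    """Map bucket name -> findings, keeping only buckets with public grants."""
    report = {name: public_grants(acl) for name, acl in acls.items()}
    return {name: hits for name, hits in report.items() if hits}

def _grant(permission, uri=None, canonical_id=None):
    """Build one constructed grant entry for the sample data."""
    if uri:
        return {"Grantee": {"Type": "Group", "URI": uri}, "Permission": permission}
    return {"Grantee": {"Type": "CanonicalUser", "ID": canonical_id},
            "Permission": permission}

ALL = "http://acs.amazonaws.com/groups/global/AllUsers"
SAMPLE_ACLS = {  # constructed bucket names and owner IDs
    "example-private": {"Grants": [_grant("FULL_CONTROL", canonical_id="owner-1")]},
    "example-website": {"Grants": [_grant("FULL_CONTROL", canonical_id="owner-1"),
                                   _grant("READ", uri=ALL)]},
    "example-dropbox": {"Grants": [_grant("WRITE", uri=ALL),
                                   _grant("READ_ACP", uri=ALL)]},
}
```

Bucket ACLs are only one route to public access; bucket policies need a separate review.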
Following these 5 tips will quickly and dramatically improve your security posture. The issues raised represent the most common issues surrounding AWS usage. The list is not, however, the last word on security. There are, of course, a multitude of other concerns that must be addressed.
Unlisted, but perhaps most importantly, security requires vigilance. AWS presents a dynamic environment and its users need to adapt to that reality. This means that you should be monitoring and reviewing your deployment, its resources, and its changes regularly. Whether conducted manually or through an automated solution, this review is essential to maintaining your security posture.