Top 10 AWS Security Tips: #5 Create Restrictive Firewall Policies

In this series, Mark and I have covered tips for securing your Amazon Web Services (AWS) account, building hardened Amazon Machine Images and locking down the operating system. Now we turn our attention to one of the mostsimple, yet powerful ways to secure your instances: the firewall. Implementing a firewall policy is just basic survival when it comes to internet-facing servers. AWS provides Security Groups ...

Top 10 AWS Security Tips: #6 Secure Your Applications Using a Host-Based Intrusion Prevention System

So far in this series, Justin and I have provided tips for securing the foundations of your AWS deployment. Taken together, these tips work to reduce the overall attack surface—the area exposed to the outside world—of your application. Now it’s time to add the next layer of controls to you application, starting with a host-based intrusion prevention system or ...

Top 10 AWS Security Tips: #7 Monitor Your Instances

So far in this series, we have shared tips for securing access to your AWS resources, hardening your system and protecting with a firewall and IPS combination. At this point, your applications running on Amazon Web Services are resilient to attack, but it is critical that ongoing monitoring be a part of your overall security strategy. Monitoring ...

Top 10 AWS Security Tips: #8 Encrypt Sensitive Data

Last week, we tackled the basics of monitoring your AWS deployment. This week we’re going to shift gears and take a look at encryption. Data Drives Your Business Your business runs on data and information. One of the biggest concerns about moving to the public cloud is the safety of that data. With a little due diligence, you ...

Top 10 AWS Security Tips: #9 Conduct Vulnerability Assessments

In this series, Mark and I have talked about hardening your AWS resources (both inside and outside of your instances) and preforming ongoing monitoring. The last two tips are around measuring your overall security so that you can understand your risks and measure your progress. It may be an old adage but it still rings true… You can’t ...

Security is not the only barrier to cloud adoption

In his 90 minute keynote address at the AWS re:Invent conference, Andy Jassy quite unabashedly gave these reasons for using AWS versus a private cloud, (at the 32 minute mark) :   So public cloud adoption should be a no-brainer, right? Oh wait, but Andy omitted security in the public cloud – how can I trust that ...

Top 10 AWS Security Tips: #1 Using IAM To Protect Your Resources

This Post was originally posted on Trend Micro Over the next several weeks, we will be discussing best practices for securing your Amazon Web Services (AWS) environment. Before we dive into securing your instances, applications and data, we have to start from the top. As part of the AWS shared responsibility security model, consumers of AWS play ...