Home Five golden rules of security planning in the AWS cloud
 

Keywords :   


Five golden rules of security planning in the AWS cloud

2020-10-19 18:17:19| The Webmail Blog

Five golden rules of security planning in the AWS cloud nellmarie.colman Mon, 10/19/2020 - 11:17   Whatever you put in the cloud, it needs to be secure from day one. When you choose Amazon Web Services (AWS), you have the confidence of knowing that AWS is securing the hardware, software, networking and facilities. But youre responsible for securing everything you put in the cloud, including: Customer data Platform, applications, identity and access management Operating system, network and firewall configuration Client-side data encryption and data integrity authentication Server-side encryption for your file systems and/or data Networking traffic protection, including encryption integrity and identity Security is a shared responsibility between you and AWS. So youve got to do your part. You cant risk exposing confidential data or being compromised, and so protection and monitoring for your AWS cloud environment is vital. In this article, I discuss the importance of security engineering through five golden rules to follow when planning and building your cloud environment  always with security in mind.   1. Security engineering should be your first step Always start with security. Once you know what youre going to do with your AWS cloud environment, but before you add data or apps, have proper security controls in place and a process that mandates that happening. There might be pressure to make things secure later too often, organizations prioritize other business goals. But unless you put security upfront, youll risk compromised environments, data loss and attacks by malicious actors  all before youve had the chance to put proper security controls in place.   2. One size does not fit all The security landscape is complex. There are many tools and ways to do things. Not every security solution or product is best suited to every environment and they all have different capabilities. You must use the most appropriate security tools and products, and adapt them to how you use your cloud environment, the data you store in it and regulatory compliance requirements. Its therefore crucial to have people on your team or partners to work with who have a thorough understanding of security and the cloud environments you use. By combining those skills, you can ensure you have proper security controls in place.   3. People are core to security engineering You need the right team in place to successfully set up a secure AWS cloud environment. But dont make the mistake of then immediately dropping people from the equation. All the cloud native tools and monitoring you set up wont be valuable if you lack teams and processes that enable you to respond to problems. Tools can tell you about whats happening in your cloud environment, but if you dont have anyone monitoring it 24x7, you risk getting compromised and losing data. So ensure your organization has a SOC-like capability to more thoroughly protect your cloud environment.   4. Security is not a one-time engagement Dont set up a secure AWS environment and think the jobs done when its only just begun. Security engineering is not a one-time engagement that occurs when you spin up a new account. It needs to evolve constantly, based on your use of the cloud. Create processes that mandate a regular review of your AWS cloud environment. Work with people who understand what youre doing with it, how your use of the cloud has changed and any new services youve started to use. Security controls and processes must then adapt accordingly.   5. The cloud is radically different from what came before Some organizations struggle when transitioning to the cloud from dedicated environments. They are used to segregating internal resources the secure environment  from the outside world by using a perimeter protection device. This provides a good level of protection in a dedicated scenario, but its not enough in the cloud. Not everything in the cloud runs on the server. You cannot protect everything with a single firewall. Your security approach must therefore be very different. Think beyond your network regarding threat detection (such as considering API calls to your cloud environment that wont necessarily go through your corporate firewall), use appropriate rather than solely familiar tools and products, and work with people who understand the threats, risks and security solutions and tools inside-out.   Security in partnership To be effective in securing your AWS cloud, you need expertise in security, the cloud environment itself, and cloud native security products all while being aware of the rapid changes in security engineering and keeping pace with such developments. This can overwhelm, which is why organizations often partner with experts in the field. Rackspace Technology is the first consulting managed security service provider (MSSP) partner for AWS Security Hub, offering consulting services for AWS cloud native security products, including around-the-clock support from certified security experts in our global Security Operations Center (SOC). Rackspace Technology believes in the core fundamentals outlined in this article: security must come first; one size does not fit all; and security engineering needs evolve over time. This is why we offer managed security services using cloud native security products, such as our Cloud Native Security solution for AWS. Our aim is to combine skills and expertise to help you achieve your security goals and protect your cloud environment. But whether you choose to partner up or handle it alone, do prioritize making sure your cloud environments are secure before its too late.   Five golden rules of security planning in the AWS cloud Keep these five golden rules of security planning in mind as you plan and build out your cloud environment. Secure your AWS environment, from day one. /managed-aws/capabilities/securityLearn how

Tags: the security planning rules

Category:Telecommunications

Latest from this category

All news

11.12Het Waterlaboratorium Haarlem kiest voor Omikron CallHelp
11.12Hoge School Leiden kiest ook voor een draadloos Omikron CallHelp Bedrijfshulpverlening BHV Oproep Systeem
11.12Hoge School voor de Kunsten Utrecht kiest ook voor een draadloos Omikron CallHelp Bedrijfshulpverlening BHV Oproep Systeem
11.12Holland Casino Enschede gaat ook voor een draadloos Omikron CallHelp Bedrijfshulpverlening BHV OproepSysteem
11.12Hoogeerd Restaurant Niftrik gaat ook voor een draadloos Omikron CallHelp Bedrijfshulpverlening BHV Oproep Systeem
11.12Hoogheemraadschap Hollands Noorderkwartier Edam kiest voor Omikron CallHelp Bedrijfshulpverlening BHV Oproep Systeem
11.12HCR t' Hoogt Utrecht kiest Omikron CallHelp
11.12Hooipolders Diervoeders Den Hoorn kiest Omikron CallHelp
Telecommunications »
22.12Weekly Recap: Costco to Change Diaper Suppliers, BCNonwovens Acquires Atex USA Inc. & More
22.12Wind hits festive travel as Heathrow cancels flights
22.12Elon Musk's curious fixation with Britain
22.12Valencians struggling to recover from devastating floods
22.12'Worst place I've lived': Vulnerable left in unsafe homes
21.12Smithfield, HD3 Farms sign agreement for independent pork production
21.12This Week in Agribusiness, December 21, 2024
21.12Weekly Recap: AkzoNobel, Rodda Paint Top This Weeks Stories
More »