Monday 5 October 2020

A few key principles to secure your AWS environment

A lot of companies are migrating their workloads to cloud services like AWS, Azure or GCP. Cloud environments add a lot of value and can be great for both operations and security, but not having the right controls in place is risky.

We have seen lots of data breaches caused by misconfiguration on AWS. When using an AWS environment there are many considerations to keep in mind depending on the use case, but a few fundamental controls are needed to ensure a basic security level is applied. Simply following these principles and guidelines will reduce the risk associated with AWS environments substantially.

1- Account-level access controls: Ensure you grant least-privilege access to the people and workloads that need access to your AWS accounts, and nothing more.

2- Resource-level access controls: Ensure you have proper IAM and resource policies that restrict access to and from resources to what is needed only. For example, if you are setting up an S3 bucket to be used by an EC2 host, the bucket policy should allow access from that host's IAM role and deny access from anything else.

3- Default encryption: Encrypt everything where possible. Resources like S3, EBS, RDS, etc. must be encrypted at rest. Also use encrypted services and integrations in transit, e.g. HTTPS and SSH rather than their plaintext equivalents.

4- Utilize security groups and network access control lists to minimize access to resources to what is needed only.

5- Increase monitoring via logs and AWS security services like GuardDuty and Inspector.

6- Don't forget about standard security controls like malware protection, a WAF, vulnerability management, etc.
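To make principles 2 and 3 concrete, here is an added example (not code from the original post): a weak S3 bucket policy next to a hardened one that only allows the EC2 host's IAM role, denies plain-HTTP requests and refuses unencrypted uploads, plus a small offline audit that flags the weaknesses. The account ID, bucket name and role ARNs are made-up placeholders, and the audit is a string-level check of the policy document, not an IAM policy simulator.

```python
"""Weak vs. hardened S3 bucket policy, with a small offline audit.
Added example; account ID, bucket and role names are assumed placeholders."""
import json

# Assumed identifiers (placeholders, not real resources).
ACCOUNT_ID = "123456789012"
BUCKET = "example-app-data"
EC2_ROLE_ARN = f"arn:aws:iam::{ACCOUNT_ID}:role/app-ec2-role"
ADMIN_ROLE_ARN = f"arn:aws:iam::{ACCOUNT_ID}:role/security-admin"
BUCKET_ARNS = [f"arn:aws:s3:::{BUCKET}", f"arn:aws:s3:::{BUCKET}/*"]

# Weak policy: world-readable objects, wildcard actions, nothing about TLS or encryption.
WEAK_POLICY = {
    "Version": "2012-10-17",
    "Statement": [
        {"Sid": "PublicRead", "Effect": "Allow", "Principal": "*",
         "Action": "s3:GetObject", "Resource": f"arn:aws:s3:::{BUCKET}/*"},
        {"Sid": "AppFullAccess", "Effect": "Allow",
         "Principal": {"AWS": f"arn:aws:iam::{ACCOUNT_ID}:root"},
         "Action": "s3:*", "Resource": BUCKET_ARNS},
    ],
}

# Hardened policy: only the EC2 instance role may read/write; every other caller is
# explicitly denied (the admin role is listed too, so the bucket stays manageable);
# non-TLS requests are refused; uploads must declare server-side encryption.
HARDENED_POLICY = {
    "Version": "2012-10-17",
    "Statement": [
        {"Sid": "AllowAppRole", "Effect": "Allow",
         "Principal": {"AWS": EC2_ROLE_ARN},
         "Action": ["s3:GetObject", "s3:PutObject", "s3:ListBucket"],
         "Resource": BUCKET_ARNS},
        {"Sid": "DenyEveryoneElse", "Effect": "Deny", "Principal": "*",
         "Action": "s3:*", "Resource": BUCKET_ARNS,
         # aws:PrincipalArn is the role ARN even for assumed-role sessions.
         "Condition": {"StringNotEquals": {"aws:PrincipalArn": [EC2_ROLE_ARN, ADMIN_ROLE_ARN]}}},
        {"Sid": "DenyInsecureTransport", "Effect": "Deny", "Principal": "*",
         "Action": "s3:*", "Resource": BUCKET_ARNS,
         "Condition": {"Bool": {"aws:SecureTransport": "false"}}},
        {"Sid": "DenyUnencryptedUploads", "Effect": "Deny", "Principal": "*",
         "Action": "s3:PutObject", "Resource": f"arn:aws:s3:::{BUCKET}/*",
         # A missing header also fails a StringNotEquals check, so it is denied too.
         "Condition": {"StringNotEquals": {"s3:x-amz-server-side-encryption": ["AES256", "aws:kms"]}}},
    ],
}


def _as_list(value):
    """IAM allows scalars or lists in most fields; normalise to a list."""
    return value if isinstance(value, list) else [value]


def _is_wildcard_principal(principal):
    """True for Principal "*" or {"AWS": "*"} (anyone, including anonymous)."""
    if principal == "*":
        return True
    return isinstance(principal, dict) and "*" in _as_list(principal.get("AWS", []))


def audit_bucket_policy(policy):
    """Return a list of findings; an empty list means every check passed."""
    findings = []
    statements = _as_list(policy.get("Statement", []))
    allows = [s for s in statements if s.get("Effect") == "Allow"]
    denies = [s for s in statements if s.get("Effect") == "Deny"]

    for s in allows:
        sid = s.get("Sid", "<no Sid>")
        if _is_wildcard_principal(s.get("Principal")) and "Condition" not in s:
            findings.append(f"{sid}: unconditional Allow to Principal '*' (public access)")
        if any(a in ("*", "s3:*") for a in _as_list(s.get("Action", []))):
            findings.append(f"{sid}: Allow grants wildcard actions")

    def deny_mentions(condition_key):
        # Does any Deny statement carry a Condition on this key?
        return any(condition_key in json.dumps(s.get("Condition", {})) for s in denies)

    if not deny_mentions("aws:SecureTransport"):
        findings.append("no Deny on aws:SecureTransport=false (plain HTTP allowed)")
    if not deny_mentions("s3:x-amz-server-side-encryption"):
        findings.append("no Deny on s3:x-amz-server-side-encryption (unencrypted uploads allowed)")
    if not (deny_mentions("aws:PrincipalArn") or deny_mentions("aws:SourceVpce")):
        findings.append("no Deny restricting callers to specific principals or a VPC endpoint")
    return findings


if __name__ == "__main__":
    for name, policy in (("weak", WEAK_POLICY), ("hardened", HARDENED_POLICY)):
        print(name, audit_bucket_policy(policy) or "OK")
```

Running the script lists five findings for the weak policy and "OK" for the hardened one. Two caveats when you copy the hardened shape into a real account: the `DenyEveryoneElse` statement locks out every principal not in its list, so include the role you administer the bucket with before you apply it, and the encryption deny assumes uploaders set the `x-amz-server-side-encryption` header explicitly, so test with the SDK your EC2 workload actually uses.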