I found an interesting article on Cloud Computing that lists and describes six best practices for increasing AWS security. Writer Louis Columbus focuses on securing IaaS using the Zero Trust Privilege strategy. The strategy utilizes a “never trust, always verify, enforce least privilege” approach for maintaining strong security. Furthermore, the Forrester found that approximately 80% of all data breach begin with priiviledged credentials Below is a basic overview of the six best practices for increasing security in Amazon Web Services based on the Zero Trust Privilege Model:
- Vault Amazon Web Services root accounts and federate access for AWS Console. AWS root accounts can be so powerful to be in the wrong hands. It is recommended to just vault the root username and password so that it has a smaller chance of being exposed.
- Apply a common security model and consolidate identities
- Ensure accountability
- Enforce least privilege access
- Audit everything
- Apply multi-factor authentication everywhere
Obviously, these security measures will help stop privileged access credentials from becoming compromised. Although there are more strategies available, these are the six strongest and most immediate solutions to prevent security breaches.
For more details regarding the AWS security best practices, go here for the original article.