In August 2019, CapitalOne suffered a security breach that exposed more than 100 million credit card applications and bank account numbers. The attacker was a former employee, who took undue advantage of access to the company’s AWS accounts. If such a devastating attack can come as a result of an internal user breach, imagine the consequences of an external attack.
While the CapitalOne breach is somewhat of a worst case scenario, even a few hours of downtime, data losses, poor user management, privacy ignorance or minor threats invite adverse risks, which can be costly. AWS’s shared responsibility model clearly indicates that certain aspects of AWS security fall in your hands; and you become solely responsible. To begin with, you must make yourself familiar with the AWS security model and utilize the features they’ve built out for you.
AWS has elucidated on innumerable security best practices, which can be difficult to track and prioritize. So we’ve made it easier, and developed a checklist of the most high priority best practices, that you must follow to proactively prevent threats.
EC2, VPC & EBS
The foremost requirement when it comes to ensuring a secure infrastructure is complete visibility. In simple terms, how can you take preventive action if you don’t even know what’s wrong? Use this checklist to make sure you are doing what it takes to keep your infrastructure risk-free; or you can let us automate it for you. If you want to receive detailed ‘Security Insights’ for your cloud with minimal effort, and go a step further to auto-remediate any risks, sign up for a free trial!
Subscribe to our newsletter to receive new posts straight to your inbox 👇