AWS Security Blog

Make a New Year Resolution

Make a New Year Resolution for 2014 to adhere to best practices put forth by AWS Security and Identity.  There are two great pieces of work published in 2013 that are filled with guidance and are highly actionable.  AWS published the Security Best Practices whitepaper, providing a landscape of various security oriented technologies, including IAM, encryption, and compliance reporting.  The Security Blog post that outlined the whitepaper was the second most popular post of the year (behind  Writing IAM Policies: How to grant access to an Amazon S3 bucket), illustrating the importance and interest of cloud security topics.

The other piece of work to reference is IAM’s Top Ten Best Practices session at re:Invent.  I encourage you to view the recorded session, but here’s a quick rundown to get you started:

  1. Lock away your AWS account access keys
  2. Create individual IAM users
  3. Use groups to assign permissions to IAM users
  4. Grant least privilege
  5. Configure a strong password policy for your users
  6. Enable MFA for privileged users
  7. Use roles for applications that run on Amazon EC2 instances
  8. Delegate by using roles instead of by sharing credentials
  9. Rotate credentials regularly
  10. Use policy conditions for extra security

Use these security best practices to help make your AWS account as secure as possible.  Not only will you find more peace of mind but hopefully even greater control as you expand your use of AWS.

– Jim