This fall, we began a process to identify some of the most important items to consider when securing your Amazon Web Services (AWS) cloud environment. The goal of this series is to help people understand the AWS “Shared Responsibility” model as it applies to the confidentiality, integrity, and availability of data. Since AWS offers a wide range of products with varying levels of support and different security requirements, there will never be a “one size fits all” solution that will meet all customer needs. Because of this, it becomes the responsibility of the customer to define the appropriate level of security required for data, the list of authorized users, a safe hardware and software configuration, and assurances for availability. At the end of this discussion, you will have a brief understanding of these key areas that will receive additional attention in the months to come.
Key Security Areas
1. Determine Appropriate Access to Information
This governs who can gain access to the AWS resources, what role each person holds, and by extension which data or services should be available to them. It is more than just the Identity and Access Management (IAM) service that AWS provides; it also concerns integrating access with existing security controls that you may have within your enterprise. The goal is to define and then provide the minimum security and data access that is required for any given role.
2. Secure Operating Systems and Applications
Most security teams have existing processes in place to ensure that proper patching is applied on a regular basis to operating systems and software packages throughout their network. Patches that address security vulnerabilities may be applied as a priority outside the normal schedule. This does not change when you move into the cloud, as it will still be the responsibility of the team to validate that there are no known exploits for either the hardware or software. In this area, the goal will be to provide a list of known software and hardware that is used in order to identify any known exploits that can be addressed, and to use scripts to ensure that all configurations can be validated before moving into production.
3. Use Segmented Networks
While the Cloud removes the ability to create a hardened perimeter with a firewall, you can still create a layered infrastructure using Virtual Private Clouds (VPCs), subnets, routing tables, and zoned applications with different access levels to limit the risk of exposure of sensitive data.
4. Employ Data Encryption
It is critical that an assessment is made of the encryption requirements for each data element that will be stored in the Cloud and assurances are made that the encryption method meets all appropriate regulations and best practices. Consider the encryption required while the data is at rest, in transit, and in use. In many cases, this will involve a detailed review of the encryption method, software involved, operating system, and use.
5. Plan for Incident Response
While the standard world can count on death and taxes, the security world knows responding to incidents is a certainty. It is critical that you develop a process for detecting and responding to anomalies, maintain tamper-proof logs to track user access and commands, and validate that these items will meet the requirements to support law enforcement or audit reviews.
The benefits of the Cloud, namely the ability to scale hardware on demand while limiting costs to just the services used, are clear. The key is understanding that your Cloud provider offers options for security, but it is still up to the environment administrators to design and test their architectures to ensure that they maintain the appropriate confidentiality, integrity, and availability of data.