Before starting with the AWS Cloud, every organization needs to discuss cloud security. The customer has to understand the AWS Shared Responsibility Model to protect its data: AWS provides the security services and features, but implementing them is always on the customer side. The customer has to meet its own business requirements for information protection.

To start with AWS Cloud Security, you need to understand the top-level categories:

Cloud Security Category

From my experience in AWS security over the years, I have listed 18 best practices to make your AWS account and resources more secure and meet security and compliance objectives.

1. Use the AWS Well-Architected Tool (Security pillar), which contains 57 controls, to make sure all boxes are ticked
2. Enable VPC Flow Logs to monitor network traffic
3. Enable CloudTrail to log activity on the AWS account, and explore the access logs with Athena
4. Implement AWS Config conformance packs (collections of AWS Config rules) that map to multiple security standards
5. Enforce MFA on the AWS account
6. Use CIS-hardened images from the AWS Marketplace
7. Maintain the image baseline on instances by using Ansible/Puppet/Ruby
8. Enable GuardDuty to detect intrusions
9. Amazon Detective helps analyze CloudTrail logs, VPC Flow Logs and GuardDuty findings
10. Use AWS SSM to connect to remote servers without keys
11. Lock regions and services by using Service Control Policies, so that access is allowed only for particular regions and services
12. Implement WAF (Web Application Firewall) to filter malicious traffic
13. Enforce least-privilege IAM access via JSON policies
14. Implement SSO (single sign-on)
15. Isolate AWS workloads in separate AWS accounts
16. Enable IAM Access Analyzer to analyze public and external access
17. If access keys are in use, rotate them regularly
18. Set a password policy for IAM user accounts
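As an added example of item 11 (not code from the article), here is a region-lock Service Control Policy built in Python, together with a small local evaluator that shows which requests the Deny statement would block. The allowed regions and the list of exempted global services are assumptions chosen for the example.

```python
import fnmatch

# Constructed values for this example (assumptions, not from the article).
ALLOWED_REGIONS = ["eu-west-1", "eu-central-1"]
# Global (non-regional) services must be exempted via NotAction, otherwise
# the Deny also blocks IAM, STS and Organizations calls and locks you out.
GLOBAL_SERVICE_PREFIXES = ["iam", "sts", "organizations", "support", "route53", "cloudfront"]


def region_lock_scp(allowed_regions, global_prefixes):
    """Build a Service Control Policy that denies every action whose
    aws:RequestedRegion is outside allowed_regions, except global services."""
    return {
        "Version": "2012-10-17",
        "Statement": [{
            "Sid": "DenyOutsideAllowedRegions",
            "Effect": "Deny",
            "NotAction": [p + ":*" for p in global_prefixes],
            "Resource": "*",
            "Condition": {"StringNotEquals": {"aws:RequestedRegion": allowed_regions}},
        }],
    }


def _action_matches(pattern, action):
    # IAM action patterns are case-insensitive and use '*' as a wildcard.
    return fnmatch.fnmatchcase(action.lower(), pattern.lower())


def scp_denies(scp, action, region):
    """Minimal local evaluator for the Deny statements of an SCP.
    Supports Action/NotAction plus a StringNotEquals condition on
    aws:RequestedRegion, which is all region_lock_scp() emits."""
    for stmt in scp["Statement"]:
        if stmt["Effect"] != "Deny":
            continue
        if "NotAction" in stmt:
            applies = not any(_action_matches(p, action) for p in stmt["NotAction"])
        else:
            actions = stmt["Action"] if isinstance(stmt["Action"], list) else [stmt["Action"]]
            applies = any(_action_matches(p, action) for p in actions)
        allowed = stmt.get("Condition", {}).get("StringNotEquals", {}).get("aws:RequestedRegion")
        if allowed is not None and region in allowed:
            applies = False  # condition not met, so this Deny does not apply
        if applies:
            return True
    return False


SCP = region_lock_scp(ALLOWED_REGIONS, GLOBAL_SERVICE_PREFIXES)
```

An SCP never grants permissions; it only caps what IAM policies in member accounts can allow, and it does not apply to the organization's management account.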

AWS Security Services With Use Cases:

Identity

Identity use cases and supported services

Network

Network use cases and supported services

Data Security

Data security use cases and supported services

Detection

Detection use cases and supported services

I hope this article will improve your security posture by mitigating urgent risks and protecting your organization.

You should visit AWS security blogs to get updates on services – https://aws.amazon.com/blogs/security/

I hope this article helps you secure your workloads in AWS. Keep learning and keep growing.