![](\"https:\/\/www.trendmicro.com\/content\/dam\/trendmicro\/global\/en\/devops\/thumbnails\/23\/build-secure-well-architected-framework-for-cloud-architects.jpg\")
<\/p>\n<\/p>\n
<\/div>\nIn today\u2019s operating environment, security is critical and businesses must be protected from accidental and malicious threats. These risks can come from any direction and at any moment in time. Just like any other cloud providers, Amazon Web Services (AWS) has a shared security model. This model indicates what responsibility lies with the provider and what is the responsibility of the customer, so appropriate steps can be taken to ensure security.<\/p>\n
Operational excellence applied to your cloud workload<\/span><\/p>\n Security must always be tailored to fit each individual business. To choose business-appropriate security controls, threat modeling and a risk assessment must be done. Once you have the results of those processes, you may need to revise your security decisions, especially within the cloud. Automated tools should be used to continuously scan your machine images, applications, APIs, or any other part of your infrastructure as code (IaC). You should be going through the exercise of threat modeling and assessing risk on a regular basis to ensure that you are up to date with the current threat landscape.<\/p>\n Cloud account management for architects<\/span><\/p>\n Unfortunate lessons have been learned by companies like Code Spaces<\/a>, who saw their business devastated by cybercriminals who were able to compromise the company\u2019s corporate AWS account. To reduce the risk of this happening to your business, access to the root account within AWS controlled with multi-factor authentication (MFA) is recommended. As well, separate accounts should be established for production, development, testing, because if one account becomes compromised, the others can remain secure.<\/p>\n AWS Organizations<\/a> should be used to centrally manage all the AWS accounts within a corporation. When using AWS Organizations, it is critical to ensure all settings are appropriately chosen. To control all accounts appropriately, all features should be enabled<\/a>.<\/p>\n Want to eliminate manually checks for adherence to AWS Organizations\u2019 best practices? Have your AWS cloud infrastructure scanned for adherence to 750+ cloud guidelines by signing up for our free trial<\/a>.<\/p>\n Security in the cloud<\/span><\/p>\n AWS defines security in the cloud across seven areas:<\/p>\n Focusing on these selected number of design principles will help you to build well-architected environments.<\/p>\n IAM is extremely crucial to protecting your business, as it allows organizations to control who can and cannot access data accounts. If someone or something cannot access our data, then they should not be able to alter or steal it, however, this is not the only tool we need.<\/p>\n When controlling access, we need to control both humans and machines. When it comes to access control for humans, we are talking about users, administrators, developers, and customers. While machines are usually less obvious, AWS placed all virtual machines, APIs, applications, servers, routers, and switches into this category.<\/p>\n According to AWS<\/a>, here are five critical things that we should be doing with our identities.<\/p>\n 1. Use strong sign-in mechanisms. <\/b>Sign-ins pose risks when lacking additional security measures like multi-factor authentication (MFA), especially if credentials are compromised or easily guessed. Mitigate these risks by implementing robust sign-in mechanisms that enforce MFA and strong password policies.<\/p>\n 2. Use temporary credentials. <\/b>Prefer the use of temporary credentials over long-term credentials for authentication to minimize the risk of inadvertent disclosure, sharing, or theft of credentials.<\/p>\n 3. Store and use secrets securely. <\/b>To authenticate with databases, resources, and third-party services, a workload relies on secret access credentials like API access keys, passwords, and OAuth tokens. Employing a specialized service to securely store, manage, and regularly update these credentials minimizes the risk of credential compromise.<\/p>\n 4. Rely on a centralized identity provider. <\/b>Streamline workforce identity management by utilizing a centralized identity provider. This enables efficient access management across various applications and services from a single location, simplifying the process of creating, managing, and revoking access. Integration with HR processes allows seamless revocation of access for all applications and services, minimizing the reliance on multiple credentials.<\/p>\n 5. Audit and rotate credentials periodically. <\/b>Regularly audit and rotate credentials to restrict the duration for which they can be used to access resources. Prolonged use of credentials poses significant risks, which can be mitigated by implementing a routine credential rotation practice.<\/p>\n Protecting the AWS accounts you are managing access to is also critical. This starts with defining guardrails for the organization, which allows configurations with service control policies (SCP) to prevent the deletion of common resources. It is critical to ensure you have the right configurations within AWS Organizations<\/a>. You can see the many IAM best practices<\/a> on the Trend Micro Knowledge Base, such as ensuring access keys are rotated<\/a>, multi-factor authentication (MFA) is enabled for the AWS root account, and that AWS IAM roles cannot be used by untrusted accounts via cross-account access feature.<\/p>\n As previously mentioned, it is critical to know when an incident occurs. Without this information, it is impossible to respond, fix, or correct. If detection takes too long and your response does not mitigate damage early on, you may be faced with higher fines by violating the regulations of GDPR or HIPAA. So, how can this be prevented? With proper configurations and investigations.<\/p>\n Having the proper configuration for your systems to log and alert your network operations center (NOC) or security operations center (SOC) is the first step. AWS offers a variety of tools to build a comprehensive and automated detective environment. These include:<\/p>\n The challenge is to ensure those products are properly configured. Trend Micro<\/a> ingests the data from these services and products (along with 90 other AWS cloud services and resources) and automatically checks for misconfigurations from the Trend Micro Knowledge Base.<\/p>\n Interested in knowing how well-architected you are?<\/a> See your own security posture in 15 minutes or less.<\/p>\n It is critical to have the ability to investigate and respond to incidents. When an incident is detected, there should be a playbook of processes for investigation. This will enable teams to respond effectively to an incident. However, this is just the first part. The next step is having an automated response configured for certain events.<\/p>\n Infrastructure protection is broken down by AWS into network and compute protection mechanisms. Network protection involves traditional tools such as firewalls and access control lists. Compute protection involves tactics such as code analysis and patching.<\/p>\n Network protection mechanisms start with the traditional security concept of defense in depth. Having a single protection mechanism in front of a resource is not sufficient. As we construct our networks, it is necessary to ensure that logging and alerts are enabled, so responses can be initiated immediately. AWS offers Amazon Virtual Private Cloud (Amazon VPC), which allows for network segmentation and control to create a virtual network where you can specify and configure your IPv4 or IPv6 addresses, as well as decide whether or not it is accessible from the public internet, among other things<\/a>. It is critical that you get everything setup correctly within Amazon VPC to protect your resources. Conformity has several rules that you can use to manually check your own Amazon VPC configuration<\/a>, or if you start a trial<\/a>, your entire environment will be automatically scanned for misconfigurations.<\/p>\n Compute protection is about the edge computing resources. To start, you\u2019ll want to have tools for code analysis, as clean code is critical to ensuring there aren\u2019t open doors that cybercriminals or their malicious software (malware) can get through. Once applications\/software\/operating systems, and the like, are deployed, updates or patches need to be applied as the flaws or bugs are revealed.<\/p>\n Protecting data at rest and in transit is essential, using methods such as encryption and classification. Data classification is essential to understanding what data we possess and what needs to be done to protect it appropriately. Data and resources can be tagged so the systems can recognize what kind of resource it is, and then utilize service control policies (SCP) to control access utilizing attribute-based access control.<\/p>\n Cryptography can be used to protect data at rest and in transit. Drives, folders, and buckets can be encrypted while resting on AWS servers. As always, it is critical that configurations are done correctly… For example, you must ensure that encryption is enabled for Amazon Athena query results, especially since there are multiple ways to configure this, such as server-side encryption (SSE) or client-side encryption (CSE).<\/p>\n When encrypting data in transit, there are many different configuration options as well. It is not as simple as ensuring that Transport Layer Security is enabled. Controlling certificates is critical here, and there are many things to manage with AWS Certificate Manager.<\/p>\n Key management is essential to cryptography for data in transit and at rest. If done properly, compliance with PCI-DSS, GDPR, and other regulations is supported. One choice to consider is a hardware security module (HSM) or tokenization.<\/p>\n When an adverse event or incident occurs, correct, efficient, and effective responses are essential.<\/p>\n Also known as AppSec, this comprehensive process includes the design, construction, and testing of secure workloads. An effective AppSec program starts with well-trained personnel, an understanding of the security properties of your build and release infrastructure, and the use of automation to identify security issues. Incorporating application security testing into your software development lifecycle (SDLC) and post-release processes can help you identify, rectify, and prevent application security issues from entering the production environment.<\/p>\n In your application development methodology, it is crucial to integrate security controls throughout the entire lifecycle. This includes design, construction, deployment, and operation of workloads. Aligning the process with continuous defect reduction and minimizing technical debt is important. For example, utilizing threat modeling during the design phase enables the early identification of design flaws. This makes it easier and more cost-effective to address compared to later stages. Resolving defects early in the SDLC generally incurs lower costs and complexity. By prioritizing a threat model, you can focus on the right outcomes from the design phase and prevent issues from arising altogether.<\/p>\n As your AppSec program evolves, you can increase the automation-driven testing, enhance feedback to builders, and expedite security reviews. These actions collectively improve the quality of the software and accelerate feature delivery in production.<\/p>\n Implementation guidelines are centered around four key areas:<\/span><\/p>\n Each area provides a set of principles that can be implemented to achieve an end-to-end perspective in designing, developing, building, deploying, and operating workloads.<\/p>\n Within the AWS ecosystem, various approaches can be employed to address your application security program. Some approaches focus on technological solutions, while others emphasize the human and organizational aspects of AppSec. A balanced combination of both can help establish a robust application security framework. As more security breaches hit the news and data protection has become a key focus, meeting this pillar\u2019s standard should always be in mind. Trend can help you stay compliant to the well-architected framework with its 750+ best practice checks. Learn more by reading the other articles in the series, here are the links: 1) Overview of all 5 pillars<\/a> 2) Operational excellence<\/a> 3) Performance efficiency<\/a> 4) Reliability<\/a> 5) Cost optimization<\/a> 6) Sustainability<\/a><\/p>\n\n
\n
\n
\n
\n