Covid-19 was a difficult time for all businesses. Its greatest impact was that it forced us to think outside the box and consider new solutions. Many companies implemented changes within months that would have normally taken many years. These transformations were powered by cloud technologies. The power of cloud technology has been realised and its adoption has accelerated. Forecasts indicate cloud services will grow by 18.5%, providing employees with the ability to connect to business tools from the comfort and safety of their homes. The most popular cloud solution is Amazon Web Services (AWS).
Whilst there are plenty of benefits, it is vitally important to secure your AWS services. A part of your company is now on the internet, sensitive data and tools you depend on to continue operating are now open to compromise. Popular tools such as S3 buckets, hold critical company information, EC2 (virtual computers) hold scalable computing power as well as identity and access (IAM) management. With multiple AWS services implemented over different departments, it becomes increasingly difficult to hold each department accountable to best practice, especially over time.
There are multiple tools each organisation must implement, the first is a comprehensive audit of each AWS service and instance. There are key questions you must ask your team:
- The most important of which is, has your AWS environment been configured to best practices?
- The next tool is Penetration Testing and Static Code Review. Are your production environments protected whilst hosted on AWS services? Are your production environments consistently protected against new vulnerabilities?
- Finally, there is monitoring, CloudTrail is an Amazon solution that monitors all activity across your AWS infrastructure. With gigabytes worth of data equating to over 100,000 events each with 40 lines of information, it becomes an insurmountable task to comprehensively monitor your AWS environment. How are you monitoring your AWS environment?
We at Excite Cyber are constantly asking these questions and providing solutions to ensure your AWS environment is secure. Through 24/7 monitoring, utilising our state-of-the-art Security Operation Centre (SOC), and our comprehensive auditing and penetrating testing by our expert cybersecurity consultants, we have all the tools to keep you operating with confidence. Don’t hesitate to contact us.