As we continue to grow our digital footprint, taking more of our processes, our data, and our people online, safeguarding our cloud environment has never been more important.
As we increase our usage of cloud-based tools, we also make ourselves more vulnerable to bad actors that might look to take advantage of this growing surface area.
According to the World Economic Forum, it’s crucial to offset this increased risk to avoid falling foul of cybercrime opportunists.
Many industries may be suffering the effects of the global pandemic, but cybercrime is not one of them. In fact, we’ve already seen opportunistic cybercriminals seeking to exploit the increased usage of cloud systems.
Not only that, but our heightened dependency on cloud infrastructure means that the stakes are even higher when it comes to keeping your digital operations performing as they should.
That’s why it’s critical that businesses redouble their cybersecurity efforts to protect themselves and their employees from malicious online activity.
To help you secure your operations, wherever you’re working right now, we asked cloud experts to share their quick and dirty tips on how to make the most of AWS security features and safeguard your data in the cloud.
Get more AWS optimization tips from cloud experts in our new white paperMeet our AWS experts
Trevor Sullivan is a founder, engineer, instructor, consultant, and Solutions Architect who holds seven AWS certifications.
Marc Weaver is a certified AWS Solutions Architect and founder of databasable, a cloud computing consultancy that specializes in AWS.
Efi Merdler-Kravitz is Director of Engineering at Lumigo, a monitoring and debugging platform for AWS serverless apps.
Julio Faerman is a Software Engineer at Nubego and an AWS Technical Evangelist, who helps builders be successful with AWS.
So, what can organizations do to offset the increased security risk that comes from remote working and use of personal devices?
Encrypt your data
Trevor Sullivan: “Ensure that laptops are using encryption, such as Windows BitLocker or macOS FileVault.”
Take advantage of virtual workspaces
Marc Weaver: “The most secure way is to use virtual desktops. AWS offers WorkSpaces that allows you to run virtual Windows/Linux workspaces in the cloud that you have complete control over, so all your data remains on your infrastructure.
Use a VPN
Marc Weaver: “If your employees are using their own devices, then providing a secure VPN connection to your office applications is essential. AWS offers Client VPN, which is a simple way for your staff to connect over a secure and encrypted tunnel.”
Enable multi-factor authentication
Trevor Sullivan:Use a password management solution to store static passwords for services, avoid reusing passwords in favor of lengthy (30+ characters), randomly-generated passwords, and enable Multi-Factor Authentication (MFA) for any services that support the feature.
“Twilio’s Authy is a free and easy to use MFA application that can synchronize your accounts across many devices.
“IT administrators should enable policies that enforce MFA for business applications, and consider using single sign-on (SSO) services like Okta, for ever greater security.”
Set up Identity Access Management
Efi Merdler-Kravitz: “Lumigo is 100% serverless, therefore problems like Secured Bastion station or remote VPN access are not an issue for us. We do use IAM roles extensively, and various users in the company have different IAM roles. Two-factor authentication is also mandatory for any of our production accounts.”
Julio Faerman: “Security should be considered job zero, especially now that vulnerabilities are more likely. As companies move to the cloud, even for internal applications, there’s naturally less need for local data, and other security improvements.
“AWS Security services, especially IAM, offers many controls to restrict access quite precisely. Make sure to go through AWS Well Architected Framework reviews, at least for the security pillar. I see a lot of security risks rising from improvising and building ad-hoc infrastructures. AWS resources are usually private by default, and automation helps to build systems that are testable and repeatable without introducing risks.”
Consider using mobile and embedded technologies
Julio Faerman: “The Internet of Things and connected devices, now powered by machine learning, can go a long way in making systems less intrusive and more secure. Simply using a custom voice assistant, like Alexa, can already prevent a lot of unnecessary touching. These new technologies enable us to build applications that talk, see, and predict. Consider how mobile and embedded devices can help improve your business.”
Practical advice from AWS experts to help you weather the storm
With extensive insights, advice, and best practices from cloud leaders, our brand new white paper is the ultimate guide to optimizing your business with AWS.