Part 2 of Enhancing Cyber Resilience on AWS: Asset Management and Security

Written By Ben Rodrigue

In Part 2, lets talk about securing your cloud assets by following best practices on AWS

Do you remember when the U.S. Department of Defense faced an embarrassing leak due to poorly configured Amazon S3 buckets? Or when 123 million American households had their personal data exposed? Unfortunately, there is a good chance that you don’t because data leaks have become so commonplace. Leaving an S3 bucket open is tantamount to leaving the front door open at home. It’s so “amateur hour” it’s shameful.

So who benefits? Criminals of course, but not surprisingly, the cyber insurance sector is rapidly expanding within the global insurance industry. Premiums are projected to surpass $20 billion by 2025, up from an estimated $15 billion in 2023. And, the global cybersecurity market is expected to grow at a compound annual growth rate (CAGR) of 13.8% from 2023 to 2030, driven by increasing cyber threats and the rising adoption of cloud-based solutions​ (Mordor Intel)​​ (McKinsey & Company)​.

Why is this? It’s obvious that companies haven’t given up the fight. It’s that most companies have accepted that losing data, your data, has such a high probability, that even with the most sophisticated software, they need extra insurance above and beyond their standard policies.

For me, these experiences put a spotlight on the critical importance of effective asset management and robust security practices. In many cases, as in these wide open S3 buckets, it’s child’s play to at least cover the basics in security. At SoftStackers, we take a layered approach to security, but that begins with the basics, like securing cloud assets using AWS native services and coupling that with our own specialized governance and alerting solutions. That said, I’d like to share some best practices that we follow in order to secure customer environments.

Importance of Asset Management in Cloud Security

Asset management involves maintaining a detailed inventory of all cloud resources, understanding their configurations, and ensuring they are properly secured. Mismanaged or overlooked assets can become vulnerable points within your infrastructure, leading to potential security breaches.

Creating and Maintaining an Asset Inventory Using AWS

AWS provides several tools to help manage and maintain an inventory of cloud resources:

  • AWS Config: AWS Config continuously monitors and records AWS resource configurations and allows you to automate the evaluation of recorded configurations against desired configurations.

  • AWS Systems Manager: This service provides operational data from multiple AWS services, helping you maintain a detailed inventory of your resources.

  • AWS Trusted Advisor: Offers real-time guidance to help you provision your resources following AWS best practices.

In addition to these, SoftStackers offers specialized governance and alerting services to ensure comprehensive visibility and compliance across your cloud environment. Our solutions integrate seamlessly with AWS tools to provide enhanced monitoring and reporting capabilities.

Strategies for Securing AWS Assets

1. Network Segmentation:

- Use AWS Virtual Private Cloud (VPC) to create isolated network segments.

- Implement Network Access Control Lists (ACLs) and Security Groups to control traffic flow.

2. Access Controls:

- Enforce the principle of least privilege using AWS Identity and Access Management (IAM).

- Implement multi-factor authentication (MFA) for all privileged accounts.

3. Encryption:

- Use AWS Key Management Service (KMS) to manage cryptographic keys.

- Ensure data at rest and in transit is encrypted using AWS encryption services.

4. Regular Audits and Monitoring:

- Conduct regular audits using AWS CloudTrail to log and monitor all account activity.

- Utilize Amazon Macie to discover, classify, and protect sensitive data.

- Implement additional governance and alerting solutions from SoftStackers to enhance monitoring and compliance.

Follow this link for AWS Approved Config Conformance Packs on Github

Case Studies from Various Industries

1. Healthcare:

- A healthcare provider uses AWS Config and AWS Systems Manager to ensure compliance with HIPAA regulations, maintaining a secure and auditable inventory of all patient-related data and systems.

2. Financial Services:

- A financial institution leverages AWS KMS for encryption and AWS CloudTrail for auditing, ensuring all financial transactions and records are secure and traceable.

3. Retail:

- A retail company employs AWS Trusted Advisor to optimize security configurations and AWS VPC to segment customer data from backend systems, enhancing overall security posture.

Conclusion

Managing and securing assets on AWS requires a structured approach, utilizing the robust set of tools AWS provides. By maintaining a detailed inventory, implementing strict access controls, regularly auditing your resources, and leveraging additional governance and alerting solutions from SoftStackers, you can significantly reduce security risks and ensure a resilient cloud environment. The integration of AWS services such as AWS Config, AWS Systems Manager, and AWS Trusted Advisor forms a strong foundation for effective asset management and security.

Looking back on my early challenges with cloud asset management and what I have seen industry wide, I have learned that having the right tools and strategies makes all the difference. At SoftStackers, we are committed to helping organizations navigate these complexities and achieve robust cloud security but also helping them sleep at night knowing that we are on the lookout for glaring security holes that may have otherwise gone unnoticed and expoited.

Stay tuned for Part 3 where we discuss Identity Management and Device Security

Ben Rodrigue https://www.softstackers.com
Previous

How Our Clients are Operationalizing Generative AI
Next

Part 1 of Enhancing Cyber Resilience on AWS: Introduction to Cybersecurity Mitigation on AWS