Your AI chatbot in 8 hours
Visit Our Blog
902 02 62 13
Search
Zaragoza, Reus, Bilbao
902 02 62 13
5 Keys to Improve the Security of Your AWS Accounts
-
0

5 keys to to improve la to maximise security and your enjoyment. de your accounts de AWS

apser apser
Amazon Web ServicesAWSImprove SecuritySecurity
02/06/2022

5 Keys to Improve the Security of Your AWS Accounts

One of the features we value most about Amazon Web Services is the security offered both for users and for the services deployedHowever, it is important to remember that one of the responsibilities as users of this platform is the security of our accounts (corresponding to the cloud security of the AWS responsibility model).

For this reason, we take advantage of this post to give you 5 Key Tips to Improve the Security of Your AWS Accounts and Services.

If you find this topic interesting, we invite you to download our free Ebook «How to migrate to Amazon Web Services?«

1 – Multi-factor authentication (MFA)

 A best practice is Integrate MFA into the root user and all IAM users to protect accounts from unauthorized accessWith the AWS Single Sign-On tool, it is possible to manage access centrally and select only those users with access permissions.

2 – Analyze IAM roles

La Periodic re-evaluation of IAM roles and permissions is essential to reduce the number of unused IAM users. AWS offers the tool IAM Access Analyzer to discover external shared access to AWS accounts and internal resources, and refine permissions based on historical access and resource usage. 

3 – Creating Security Groups

When we create security groups we enable network access to AWS resources. Usually these groups are deployed for EC2 instances as they allow us to control outgoing and incoming traffic. They basically act as a virtual firewall and to make sure we have everything under control it is It is important to verify that only the required ports are open and that the connection is enabled only from known network ranges

4 – Rotation of access keys

In case of using access keys instead of roles, It is recommended to rotate them periodically and eliminate those with long periods of disuse.AWS recommends using IAM roles instead of access keys, which ensure that users only have the necessary privileges. Here is a guide in English about the IAM roles. Best practices for managing access keys

5 – Logs in CloudTrail

Once the accesses, roles and permissions have been defined, it is also crucial monitor actions that users take on the AWS account. All this data will allow us to improve our security policies. How can we do this? AWS recommends Write CloudTrail logs to an S3 bucket designated for logging. Permissions on S3 should prevent deletion of logs and they should also be encrypted. Once logs are centralized, you can integrate them with SIEM solutions or use AWS services to analyze them. 

With these keys, it is possible to reinforce the security of everything that happens within AWS accounts and obtain a resilient and agile infrastructure in just a few steps and at the lowest cost. And if you found this interesting, follow our blog for more news about the AWS cloud.

Do you have a cloud migration project? Our AWS cloud experts can guide you through the roadmap that best suits your business. Contact Us and we will help you speed up the digital transformation of your company. 

Download free ebook

amazon web services AWS Security cloud security
apser
apser

We help companies from different sectors and sizes to innovate and adapt to new scenarios to achieve their objectives in Cloud Infrastructures, Analytics, Transformation through Generative AI & Machine Learning and User or Customer Service.

Related Posts
Leave a comment

Your email address will not be published. Required fields are marked *

Last updated October 2024

apser Cookie Policy

Privacy Policy and Cookies of apser

This Cookie Policy explains how apser (appser data engineering) uses cookies and similar technologies to recognise you when you visit our websites at https://apser.es, ("Websites"). It explains what these technologies are and why we use them, as well as your rights to control our use of them. In some cases we may use cookies to collect personal information, or that becomes personal information if we combine it with other information.

What are cookies?

Cookies are small data files that are stored on your computer or mobile device when you visit a website. Cookies are widely used by website owners to make their websites work, or work more efficiently, as well as to provide reporting information. Cookies set by the website owner (in this case, apser) are called "first party cookies". Cookies set by parties other than the website owner are called "third party cookies". Third party cookies enable third party functionality or features to be provided on or through the website (for example, advertising, interactive content and analytics). The parties that set these third party cookies can recognise your computer both when you visit the website in question and when you visit certain other websites.

Why do we use cookies?

We use first-party and third-party cookies for a number of reasons. Some cookies are necessary for technical reasons for our websites to function, and we refer to these as “essential” or “strictly necessary” cookies. Other cookies also allow us to track and target the interests of our users to enhance the experience on our Online Properties. Third parties use cookies through our websites for advertising, analytics, and other purposes. This is described in more detail below. The specific types of first-party and third-party cookies used through our websites and the purposes they perform are described below (please note that the specific cookies used may vary depending on the specific Online Properties you visit): https://apser.com/privacy-and-cookies/

How can I control cookies?

You have the right to decide whether to accept or reject cookies. You can exercise your rights over cookies by setting your preferences in the Cookie Consent Manager. The Cookie Consent Manager allows you to select which categories of cookies you accept or reject. Essential cookies cannot be rejected as they are strictly necessary to provide you with services. The Cookie Consent Manager can be found in the notification banner and on our website. If you choose to reject cookies, you may still use our website, although your access to some features and areas of our website may be restricted. You may also set or modify your web browser controls to accept or reject cookies. As the means by which you can reject cookies through your web browser controls vary from browser to browser, you should visit your browser's help menu for more information.

Need more information? Visit our privacy and cookies page
Close
Search

Hit to search or ESC to close

Apser.es
Powered by  GDPR Cookie Compliance
Privacy summary

This website uses cookies so that we can offer you the best possible user experience. The information of the cookies is stored in your browser and performs functions such as recognizing you when you return to our website or helping our team understand which sections of the website you find most interesting and useful.