• Login
    • Proximity
    • ClearDB
    • ServiceNow
    • NaviVue
      (Formerly Velocity Zoom)
    • Privo Service Desk
  • Support
  • Contact Us
  • Login
    • Proximity
    • ClearDB
    • ServiceNow
    • NaviVue
      (Formerly Velocity Zoom)
    • Privo Service Desk
  • Support
  • Contact Us
  • Industries
    • Healthcare
    • Life Sciences
    • Manufacturing
    • ISV/SaaS
  • Services
    • Application Services
      • Oracle
      • SAP
        • SAP Analytics
        • SAP Business Technology Platform
        • SAP Data Management Services
        • SAP ECC
        • SAP Intelligent Technologies
        • SAP Managed Services
        • SAP Professional Services
        • SAP S/4HANA
        • RISE with SAP
      • Microsoft
      • Infor
      • Salesforce
      • Custom Application Development
    • Cloud Marketplaces
      • AWS
      • Azure
      • Heroku
    • Cloud Services
      • AWS
      • Google Cloud
      • Microsoft Azure
      • Oracle Cloud
      • Cloud Migration
      • Cloud Optimization
      • Cloud DevOps
      • Virtual Desktops
    • Data Intelligence & Automation
      • Business Intelligence
      • Blockchain
      • CPM
      • Data Architecture & Design
      • Predictive Analytics & AI
      • Robotic Process Automation
      • SAP Analytics
    • Database Services
      • Managed DBA
      • SAP HANA
      • Database Refactoring
      • Database as a Service
    • Infrastructure Services
      • Managed Hosting
      • IBM i Power Systems (AS/400)
      • Colocation
      • Disaster Recovery
    • Security Services
      • Advisory Services
      • Managed Security Services
      • Virtual CISO
    • Supply Chain
  • Resources
    • Blog
    • Resource Center
    • Events
    • Case Studies
  • Partners
    • AWS
    • Google
    • Microsoft
    • Oracle
    • Salesforce
    • SAP
    • ServiceNow
    • Stripe
  • Company
    • About
    • NaviVerse
    • Careers
    • Leadership
    • News
    • Press Releases
    • Awards & Recognition
    • Trust & Transparency
    • #NaviGivesBack
    • Navisite’s Next Steminist
    • Contact

AWS Cloud Security: A Few Best Practices to Help You Take Control

Peter Berry
  • All Posts
  • News
  • Events
  • Tips
  • Insights
  • Spotlight
  • Company

Before releasing products to the market, manufacturers go through rigorous testing to make sure they’re safe for public use. The number one reason for the thorough evaluation and testing is, obviously, to protect customers. But safe and trustworthy products also provide a number of business benefits too: they boost a manufacturer’s reputation, help them cement customer relationships and drive sales.

This same concept must be applied when building your Amazon Web Services (AWS) environments. Before you launch production workloads in AWS, you must test, test and test again to make sure your infrastructure is properly secured. Failing to do so can put your customers’ data and your own assets at risk. Even a small breach can result in reputational damage, regulatory fines, loss of customers and reduced sales.

Given these consequences, why do some companies rush to the cloud, leaving security as an afterthought? For some organizations, business demands trump security concerns. For others, there may be a lack of understanding on how to effectively manage cloud security. And for others still, there’s confusion about what they are responsible for securing versus the cloud service provider (CSP). According to a report from Palo Alto Networks, “73% of companies struggle to clearly delineate between their CSP’s security responsibilities and their own.”

While it’s true that there is a lot to learn about cloud security and a lot to prepare before releasing workloads, applications and services to the cloud, there are some fundamental concepts and best practices that can help even the busiest IT teams make AWS security more manageable. And the upfront time you put in to get things right will pay dividends later when you’re securely up and running on AWS.

It Starts with the Shared Responsibility Model

The first step in mastering AWS security is having a clear understanding of the Shared Responsibility Model—what you are responsible for securing on the cloud and what AWS is responsible for securing. Neglecting to take the time to clarify roles and responsibilities can leave your business vulnerable to data breaches, cyberattacks and other threats. In fact, according to Gartner, through 2025, 99% of cloud security failures will be the customer’s fault.

Taking the time to clarify responsibilities enables you to put the right security controls in place, significantly reduce risk and fully reap the rewards of the cloud. So, let’s break down who owns what in the world of cloud security.

At a high level, the Shared Responsibility Model follows this general guideline: The cloud provider is responsible for the security and management of the cloud infrastructure. For example, Amazon takes care of its AWS infrastructure, which includes the security configurations of its managed services like Amazon WorkSpaces. This includes the physical security of their data centers, security of the underlying hardware and storage, and the patching of the virtual host servers underlying all Amazon services.

On the other hand, the customer is responsible for the security of its applications and workloads running on the cloud, including databases, operating systems and modern application components.

Here’s where it can get a little tricky. The level of responsibility changes depending on the cloud environment you choose to use—infrastructure as a service (IaaS), platform as a service (PaaS) or software as a service (SaaS). For more details, read our eBook: Shared Responsibility for Cloud Security.

Four AWS Security Best Practices

Additionally, there are several foundational best practices that you can follow to ensure a strong AWS security posture:

  1. Take an inventory of where your data and assets reside to understand what SaaS applications are in use and who is using them, and then establish security controls and parameters to keep usage in line with security policies and procedures.
  2. Create a data governance framework that not only remediates security gaps but also provides guidance and specific direction on how to maintain a secure environment.
  3. In addition to standard passwords, add layers of protection, such as the use of credentials such as hardware tokens, numerical codes, biometrics, time and location.
  4. As mentioned earlier, it’s crucial to understand your roles and responsibilities related to the cloud—and they should be clearly defined in your security policies and procedures, along with a comprehensive incident response (IR) plan that provides direction on how to respond in various scenarios. And remember, just like product manufacturers go through rigorous testing processes, you too should continuously test—and improve—your IR plan.

Trusted Security Guidance Can Ease the Burden

Ultimately, the responsibility is on you to take charge of your AWS security—and this isn’t a job that should be taken lightly. The good news is that you don’t have to go it alone. As a trusted partner to growing and established global brands, Navisite brings decades of experience helping companies eliminate threats and reduce risk across on-premises and cloud-based infrastructure, platforms and applications. Our experts work closely with IT teams to implement a dynamic and adaptive security program based on technical and budgetary requirements, along with best practices and strategic guidance that are customized to the business.

To learn how Navisite can help you migrate, manage, optimize and secure your AWS environments, contact us today.

You May Also Like

How to Choose the Right SAP S/4HANA Implementation Path for Your Business

Tips
by Megan Ferringer  

From the Desk of the vCISO: How to Protect Your Business from Third-Party Risk

Tips
by Aaron Boissonnault  
About the Author
Peter Berry
Peter Berry

Peter is the CTO of cloud technologies at Navisite, leading the technical vision and development of our managed cloud services portfolio to support the migration and optimization of customer environments in the cloud. His expertise spans infrastructure and cloud technologies, and he brings over 20 years of project and technical leadership experience across industries and in the public sector. Prior to joining Navisite as the director of AWS solutions, he was the co-founder and CTO of clckwrk, a London-based AWS migration specialist and consulting partner that was acquired by Navisite in 2019. As part of the founding team at clckwrk, Peter was instrumental in building a successful business helping global enterprises throughout Europe and North America migrate Oracle and other enterprise applications into the public cloud.

Categories

  • Blog
  • Events
  • Insights
  • News
  • Spotlight
  • Tips

About Us

Navisite is a trusted IT services partner for mid-market and smaller enterprise companies. We help our customers maximize business value and accelerate digital transformation with a comprehensive portfolio of enterprise application, data management, security and managed cloud services.

Follow Us & Share

Press Releases

  • Navisite Named a Finalist for 2023 SAP® Pinnacle Award in the Sales Success – Midmarket Category
    April 25, 2023
  • Public Consulting Group’s Education Practice Chooses Digital Transformation Partner Navisite for Public Cloud Migration
    April 18, 2023
  • Navisite Chief Marketing Officer Receives PRNEWS Top Women Award
    April 17, 2023
  • Navisite Launches Third Annual ‘Next Steminist’ Scholarship Program in the U.S.
    April 5, 2023
  • Navisite Announces Key Executive Appointments
    March 29, 2023
  • U.S. Tech Company Navisite Expands Globally with Presence in Costa Rica
    March 9, 2023
From the Desk of the vCISO: Using Security Frameworks to Build Your Cybersecurity Program
by Aaron Boissonnault  
            Previous Post
Creeping Cloud Costs: Five Tips to Manage Azure Cloud Spend
by Megan Ferringer  
Next Post      

Industries

  • Healthcare
  • Life Sciences
  • Manufacturing
  • ISV/SaaS

Services

  • Application Services
  • Cloud Marketplaces
  • Cloud Services
  • Data Intelligence & Automation
  • Database Services
  • Infrastructure Services
  • Security Services
  • Supply Chain

Resources

  • Blog
  • Resource Center
  • Events
  • Case Studies

Partners

  • AWS
  • Google
  • Microsoft
  • Oracle
  • Salesforce
  • SAP
  • Service Now
  • Stripe

Company

  • About
  • NaviVerse
  • Careers
  • Leadership
  • News
  • Press Releases
  • Awards & Recognition
  • Trust & Transparency
  • #NaviGivesBack
  • Navisite’s Next Steminist Scholarship
  • Contact
  • Modern Slavery
We use cookies
This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Accept Cookies
Privacy & Cookies Policy

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these cookies, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may have an effect on your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Non-necessary
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.
SAVE & ACCEPT