Login to your account

Username *
Password *
Remember Me

Create an account

Fields marked with an asterisk (*) are required.
Name *
Username *
Password *
Verify password *
Email *
Verify email *
Captcha *
Reload Captcha

Tips To Secure Your UK AWS Cloud

Written by  Mar 23, 2020

If you have questions about your AWS cloud, there is an AWS account team and support team available to provide security guidance for the cloud.

Security is more important than ever and the cloud is being utilised by organisations of all sizes, growing daily in popularity and usage. But choosing the right package can be challenging AWS is

Organisations should encrypt their content for highly sensitive material. AWS, and third-party providers, offer tools that can be used to encrypt data. Should a leak or breach occur, any content that has been encrypted is rendered useless without the appropriate decryption keys.

Cloud Computing Security: Foundations and Challengesamazon uk

From the system pint of view, Amazon S3 includes native functionality to assist organisations with avoiding misconfigurations, such as a prominent indicator in the S3 console next to each publicly accessible bucket. There is also the S3 Block Public Access feature, which allows account administrators to centrally control access settings, to prevent variation in their security configurations.

For example, AWS Config allows customers to enable pre-packaged rules which help ensure that their AWS resources are in a properly configured and compliant state. Some of these rules are designed to automatically identify buckets that allow global read or write access, by checking all buckets in the account and flagging content that is publicly available.

With AWS CloudTrail, IT teams can log, monitor and retain account activity related to actions across AWS infrastructure, simplifying security analysis and troubleshooting. CloudTrail is enabled on all AWS accounts without any additional configuration.

cloud lockAlso see: Cloud Security and Mitigation of Risk

Amazon Macie is a security service that uses machine learning to automatically discover, classify and protect sensitive data in AWS. This fully-managed service monitors data access activity for anomalies and generates detailed alerts of unauthorised access or inadvertent data leaks – such as sensitive data that a customer has accidentally made externally accessible.

AWS also has Amazon GuardDuty; a threat detection service that continuously monitors for malicious activity and unauthorised behaviour. In the cloud, the collection and aggregation of account and network activities is simplified, but it can be time-consuming for security teams to continuously analyse event log data for potential threats. With GuardDuty, organisations can have an intelligent and cost-effective option for continuous threat detection. The service uses machine learning, anomaly detection, and integrated threat intelligence to identify and prioritise potential threats.

GuardDuty analyses tens of billions of events across multiple AWS data sources and can be enabled without any software or hardware to deploy or maintain. By integrating with AWS CloudWatch Events, GuardDuty alerts can be aggregated across multiple accounts and can be combined with existing event management and workflow systems.

Any other tips for securing AWS you would like to share?


Leave a comment

Make sure you enter all the required information, indicated by an asterisk (*). HTML code is not allowed.

Advertisement

Popular News

May 06, 2020 IT Security News

Popular VPNs Exposed Users to Attacks

Researchers analysed some of the most popular VPNs and discovered that two of them were affected by vulnerabilities that...

May 22, 2020 Cyber Security

EasyJet will be sued over customer data breach

Legal firm PGMBM, a specialist in group legal action, has issued a class action claim under Article 82 of the General Da...

May 19, 2020 IT Security News

EasyJet data breach: Over 9 million customers affected

The personal data of over 9 million EasyJet customers has been infiltrated by hackers, including over 2,000 users' credi...

May 18, 2020 Cyber Security

UK power grid operator Elexon hit by cyberattack

The UK’s power grid middleman Elexon has announced it has fallen victim to a cyberattack, which did not compromise pow...

May 05, 2020 Cyber Security

The importance of cybersecurity for UK businesses

Technology is constantly changing and at a pace which is hard to keep up with, but 'safety first' always applies. ...

May 11, 2020 Cloud Security News

Tips to help secure your cloud data in the UK

In this digital age, it’s not a great idea to trust someone with your sensitive data. ...

May 27, 2020 Cyber Security

UK scared cybercriminals will use NHSX Covid-19 Tracing App to launch attacks

Nearly half (48%) of the UK public surveyed about the NHSX COVID-19 tracing app do not trust the UK government to keep t...

May 28, 2020 IT Security News

UK virus apps highlights tension between privacy and need for data

As more UK and European governments turn to tracing apps in the fight against the coronavirus, a deep-rooted tension bet...

Apr 10, 2020 IT Security News

The importance of security for UK office printers

When it comes to digital security, we tend not to think about printers as they are often seen as dumb devices with a few...

May 25, 2020 Cyber Security

Beware of security threats before deploying remote working

Remote working is receiving a great deal of attention recently for obvious reasons. The world has changed and remote wor...

May 07, 2020 Cyber Security

Three quarters of UK homeworkers haven't received cybersecurity training

As Covid-19-related cybersecurity threats continue to multiply, three in four of home workers are yet to receive any cyb...

May 20, 2020 IT Security News

To VPN or not to VPN for business users

It’s a question many organisations are asking as they work to provide secure and reliable remote access at scale. ...

May 14, 2020 IT Security News

Windows 10 is getting DNS over HTTPS (DoH) support

DNS is one of the last protocols that still runs unencrypted on the Internet. ...

Apr 11, 2020 IT Security News

Tips for testing an IT security experts worth in the UK

There is no shortage of people presenting themselves as security experts. Some of them truly are, the others may or may ...

May 28, 2020 IT Security News

Defence tips to stop a trojan invasion

Knowing not to open email attachments from unfamiliar addresses, or even the email itself, is a vital step to preventing...

Apr 22, 2020 IT Security News

Kaspersky shares 10 security and privacy tips when using Zoom

The recommendations from Kaspersky come following recent concerns regarding Zoom's security and privacy. ...

Advertisement
Symantec Home 120x60

Advertisement