AWS security best practices for non-security professionals

First, we need to understand what makes a system secure.

For something to count as hacked, an attacker must break one of the three pillars of the CIA triad (Confidentiality, Integrity, Availability).

Confidentiality

Preventing sensitive information from being accessed by unauthorized parties.

Ex: Data leakage

Integrity

Maintaining the consistency, accuracy, and trustworthiness of data over its entire lifecycle. Data must not be changed by unauthorized people.

Ex: A student changing his grades in the university database

Availability

Information should be consistently and readily accessible to authorized parties (data can be accessed when we want to).

Ex: DDoS attack

(a distributed denial-of-service attack, in which an attacker floods a website with requests from a large number of devices until the server can no longer handle the load and crashes, so the data becomes unavailable)

Now that we know what a secure system is, let’s look at what AWS security is and how it protects the confidentiality, integrity, and availability of your application.

AWS Security Practices

1. Implementing strong password policies

  • Require passwords to include symbols, numbers, lowercase letters, and capital letters
  • Schedule credential resets (every 6 months or so)

2. Implementing two-factor authentication

  • for example physical security keys, or authenticator apps such as Google Authenticator

3. Don’t hard code secrets

4. Use managed IAM policies

5. Follow the AWS News blog

6. Activate all the AWS security controls and services

7. Always use Encryption

8. Keep the Least Privilege Principle in mind

9. Regular data backups

10. Test security (Pentests)
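Practices 3, 4 and 8 are the ones a developer can check mechanically before code or a policy ever reaches an account. The script below is an added example written for this post, not code from the original article or from AWS: it scans source text for embedded long-term access keys (the "AKIA…" key ID and its 40-character secret), shows the hardened alternative of reading credentials from the environment at run time, and audits an IAM policy document for wildcard actions and resources, with an over-broad policy placed next to its least-privilege rewrite. The credential values in the sample are the placeholder keys from AWS's own documentation, and the bucket name is a made-up placeholder.

```python
import json
import os
import re
from typing import Dict, List, Optional

# ---- Practice 3: don't hard-code secrets -----------------------------------
# Long-term IAM access key IDs are "AKIA" + 16 upper-case alphanumerics and the
# matching secret is 40 base64-like characters; both are easy to grep for.
ACCESS_KEY_RE = re.compile(r"\b(AKIA[0-9A-Z]{16})\b")
SECRET_KEY_RE = re.compile(
    r"(?i)aws_secret_access_key\s*[=:]\s*['\"]([A-Za-z0-9/+=]{40})['\"]")

# Constructed sample file; the values are the placeholder credentials used in
# AWS's own documentation, not real keys.
SAMPLE_SOURCE = "\n".join([
    "import boto3",
    'aws_access_key_id = "AKIAIOSFODNN7EXAMPLE"',
    'aws_secret_access_key = "wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY"',
    "client = boto3.client('s3')",
])


def find_hardcoded_aws_keys(source: str) -> List[Dict[str, object]]:
    """Report each line that embeds an AWS credential. The value is redacted in
    the finding so the scan output itself does not leak the secret."""
    findings = []
    for line_no, line in enumerate(source.splitlines(), start=1):
        for kind, pattern in (("access_key_id", ACCESS_KEY_RE),
                              ("secret_access_key", SECRET_KEY_RE)):
            match = pattern.search(line)
            if match:
                value = match.group(1)
                findings.append({"line": line_no, "kind": kind,
                                 "redacted": value[:4] + "..." + value[-4:]})
    return findings


def load_credentials(env: Optional[Dict[str, str]] = None) -> Dict[str, str]:
    """Hardened form: fetch credentials from the environment at run time (an
    instance role or a secrets manager is better still) and fail closed when
    they are missing instead of falling back to a literal in the code."""
    env = os.environ if env is None else env
    missing = [k for k in ("AWS_ACCESS_KEY_ID", "AWS_SECRET_ACCESS_KEY")
               if k not in env]
    if missing:
        raise RuntimeError(f"credentials not provided: {', '.join(missing)}")
    return {"access_key_id": env["AWS_ACCESS_KEY_ID"],
            "secret_access_key": env["AWS_SECRET_ACCESS_KEY"]}


# ---- Practices 4 and 8: least-privilege IAM policies ------------------------
def _as_list(value) -> list:
    """IAM allows either a string or a list in Action/Resource; normalise."""
    return value if isinstance(value, list) else [value]


def audit_policy(policy: dict) -> List[str]:
    """Return one finding per over-broad Allow statement: a wildcard action
    (a whole service, or everything) or a wildcard resource."""
    findings = []
    for idx, stmt in enumerate(_as_list(policy.get("Statement", []))):
        if stmt.get("Effect") != "Allow":
            continue
        sid = stmt.get("Sid", f"Statement[{idx}]")
        for action in _as_list(stmt.get("Action", [])):
            if action == "*" or action.endswith("*"):
                findings.append(f"{sid}: action '{action}' is a wildcard; "
                                "list the operations actually needed")
        if "*" in _as_list(stmt.get("Resource", [])):
            findings.append(f"{sid}: Resource '*' covers every resource; "
                            "scope it to specific ARNs")
    return findings


# Constructed policies: the over-broad form next to its least-privilege
# rewrite (the bucket name is a placeholder).
OVERBROAD_POLICY = {
    "Version": "2012-10-17",
    "Statement": [{"Sid": "AppAccess", "Effect": "Allow",
                   "Action": "s3:*", "Resource": "*"}],
}
LEAST_PRIVILEGE_POLICY = {
    "Version": "2012-10-17",
    "Statement": [{"Sid": "AppAccess", "Effect": "Allow",
                   "Action": ["s3:GetObject", "s3:PutObject"],
                   "Resource": "arn:aws:s3:::example-app-bucket/app-data/*"}],
}

if __name__ == "__main__":
    print(json.dumps(find_hardcoded_aws_keys(SAMPLE_SOURCE), indent=2))
    for name, policy in (("over-broad", OVERBROAD_POLICY),
                         ("least-privilege", LEAST_PRIVILEGE_POLICY)):
        print(name, audit_policy(policy) or ["no findings"])
```

Run it as a pre-commit step or in CI: a non-empty result from `find_hardcoded_aws_keys` or `audit_policy` should fail the build, and the redacted output is safe to show in a CI log.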

Extra Resources

AWS Security Specialist Certification

I really recommend taking the AWS Security Specialist exam because:

  • It will teach you how to build and implement solutions that enhance the security of AWS instances.

More info about the exam:

Length: 170 minutes to complete the exam

Cost: 300 USD

Visit Exam pricing for additional cost information.

Format: 65 questions; either multiple choice or multiple response questions


Security Best Practices The AWS Well-Architected Way

AWS Security Maturity Roadmap 2021

So You Inherited an AWS Account blog by Matt Fuller
