Open in app

Sign in

Write

Sign in

AWS security best practices for non-security professionals

Noureldin Ehab | Creeper.exe
2 min readSep 4, 2022

--

First, we need to understand what makes a system secure.

To say that something got hacked we need to break one of the 3 diagonals of the CIA triad (Confidentiality, Integrity, Availability)

Confidentiality

Preventing sensitive information from unauthorized access attempts.

Ex: Data leakage

Integrity:

Maintaining the consistency, accuracy, and trustworthiness of data over its entire lifecycle. Data must not be changed by not authorized people

Ex: A student changing his grades in the university database

Availability:

Information should be consistently and readily accessible for authorized parties (Data can be accessed when we want to)

Ex: DDOS attack

(distributed denial-of-service which occurs when someone tries to visit a website with a lot of devices until the server can’t handle that and crashes and the data becomes unavailable)

Now that we know what is a secure system let’s see what is AWS Security? and how it protects the Confidentiality, Integrity, and Availability of your application

AWS Security Practices

1. Implementing strong password policies

  • Create password requirements that use symbols, numbers, letters, and capital letters
  • Schedule credential resets (every 6 months or so)

2. Implementing 2 Factor Authentication

  • like physical keys, apps like google-authenticator

3. Don’t hard code secrets

4. Use managed IAM policies

5. Follow the AWS News blog

6. Activate all the AWS security controls and services

7. Always use Encryption

8. Keep the Least Privilege Principle in mind

9. Regular data backups

10. Test security (Pentests)

Extra Resources

AWS Security Specialist Certification

I really recommend taking the AWS Security Specialist exam because:

  • It will teach you how to build and implement solutions that enhance the security of AWS instances.

More info about the exam:

Length: 170 minutes to complete the exam

Cost: 300 USD

Visit Exam pricing for additional cost information.

Format: 65 questions; either multiple choice or multiple response questions

……..

Security Best Practices The AWS Well-Architected Way

https://www.youtube.com/watch?v=wfIVI-M7lbQ

AWS Security Maturity Roadmap 2021

https://summitroute.com/blog/2021/01/12/2021_aws_security_maturity_roadmap_2021/

So You Inherited an AWS Account blog by Matt Fuller

https://medium.com/swlh/so-you-inherited-an-aws-account-e5fe6550607d

AWS
Security
Cybersecurity
Best Practices
Ctf

--

--

Noureldin Ehab | Creeper.exe

Written by Noureldin Ehab | Creeper.exe

206 Followers

Software Engineering Student | Cyber Security Enthusiast

Help

Status

About

Careers

Press

Blog

Privacy

Terms

Text to speech

Teams