SEC 6015 Week 6 Discussion

.docx

School

Wilmington University *

*We aren’t endorsed by this school

Course

6015

Subject

Information Systems

Date

Apr 3, 2024

Type

docx

Pages

2

Uploaded by Admys

Report
Hello All, Important best practices listed in the video The video discusses the AWS security features and recommendations for best practices to implement those security characteristics in the cloud environment. According to the video, a few best practices are listed below. Understanding the shared responsibility model of AWS is essential for taking better security measures. According to the AWS Shared Responsibility Model, customers and the cloud provider are jointly responsible for the protection of data in the cloud platform. While AWS deals with providing secure infrastructure and services, customers are responsible for the resources and data in the cloud. Understanding different components of the secure global infrastructure of AWS is another best recommendation. Data can be stored in a region specified by the customer based on their latency and availability requirements. Every region comes with two availability zones that contain redundant data for backup and recovery. Ensuring the users have the least access to the resources possible is a very important step. Users should be provided access only to their specific function based on authorization. Identity Access Management (IAM) is used to control access through user policies (AWS Developers, 2015). The final best practice is to secure your infrastructure. AWS offers features like Virtual Private Cloud (VPS) that helps in creating separate subnets and custom instances to preserve the infrastructure in the cloud platform. Best practices in the cloud security Through Shared Responsibility Model, AWS shares the responsibility of securing the cloud resources with the customer. The global infrastructure containing the regions, endpoints, and availability zones along with compute, storage and memory are preserved by AWS. To protect the data, users should employ features like IAM to restrict access. To secure the global infrastructure, AWS IAM is used for managing user access through credentials and permission policies. The credentials could be passwords or multi-factor authentication devices. Since AWS account creation results in root permissions to all the services, IAM should be used to restrict user access to limited resources based on roles and user groups. Securing the infrastructure can be carried out with features like Amazon VPC. In this process, VPC can be connected from the system over the internet or using AWS Direct Connect among other options (AWS Developers, 2015). As a result, custom subnet topology and routing tables can be created in addition to DNS servers. They crossover the CSPs to protect the static data and data in transit. Benefits of best practices
The best practices recommended in the video are aimed towards securing the AWS infrastructure and resources on top of the cloud services. Therefore, these practices like IAM help in access control mechanisms to protect from unauthorized access to data and services. Apart from data protection, infrastructure can be preserved by creating VPCs. Using IAM, IP address ranges can also be restricted besides the user groups. They also help in securing the operating systems from attacks. Auditing and monitoring become easier by following these recommended security practices (Michelle, 2023). References: AWS Developers. (2015, September 8). Journey Through The Cloud – Security Best Practices [Video]. YouTube. https://youtu.be/rXPyGDWKHIo? si=e1rCCUVMAXLJmLzj Links to an external site. Michelle, D. (2023, September 23). AWS Shared Responsibility: Seven Best Practices to Secure Your Cloud Environment. Forbes Technology Council. https://www.forbes.com/sites/forbestechcouncil/2023/09/29/aws- shared-responsibility-seven-best-practices-to-secure-your-cloud- environment/?sh=501277711e3e Links to an external site.
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
  • Access to all documents
  • Unlimited textbook solutions
  • 24/7 expert homework help