Bobcares

AWS security issues – How we handle it

PDF Header PDF Footer

Despite Amazon Web Services (AWS) being the most common cloud service provider, AWS customers are still learning to deal with AWS security issues.

Here at Bobcares, we have seen several such AWS-related queries as part of our AWS Support Services for AWS users, and online service providers.

Today we’ll take a look at how to create a virtual machine using Lightsail in AWS.

 

How to handle AWS security issues

Here are some of the most common challenges of AWS security. Also, let’s see some of the ways our Support Engineers handle them.

 

1. Prioritizing a Security Strategy Ahead of Controls and Tools

Firstly, we need to prioritize cloud security. Then we need to put the tools and controls in place. Establishing the security strategy is more important.

The strategy should come first so that when assessing a control or tool, you can better determine if and how it supports your strategy.

 

2. Overcoming the Lack of Security Visibility in the Cloud

Since there are enormous cloud users, having varying logins and controls, it is hard to know at all times who is accessing what and where across the organization and, even more importantly, if any of the activity is malicious or anomalous.

So the lack of security visibility becomes more magnified when there is no security strategy supporting the implementation and management of these applications.

Here are the steps that we follow to improve the visibility of AWS.

  • Taking an inside-out perspective – We need to focus more on what is happening on a host or workload.
  • Going beyond logs – Logs only provide a narrow view of what is going on. The network-based intrusion detection (NIDS) does not give you much to work with after a compromise. That is where host-based intrusion detection (HIDS) comes into play.
  • Protect against the insider threat – If any problem arises, it is very important to understand all the bad actors. Sometimes, it can be an internal issue.

 

3. Improving Confidence in Cloud Provider Security

Even though AWS offers many useful out-of-the-box security tools and configurations, such as AWS CloudTrail and Amazon Cloud Watch for logging and monitoring, it is important to protect data within sensitive workloads.

 

4. Defining Who is Liable to fix AWS issues

Liability is very important because when a security incident occurs, you need to know who is responsible so you can take appropriate action.

 

5. Understanding Why Attackers are Attracted to the Cloud

Companies trust a lot of sensitive data to cloud service providers like AWS. Credential theft is the main reason for many security incidents.

Here are different ways to protect the credentials and data:

  • Turning on multi-factor authentication (MFA).
  • Monitor for anomalous logins using continuous security monitoring.
  • Implementing a logging service at the host level.
  • Using AWS Secrets Manager or a different secrets management system to rotate credentials.

 

6. Securing Containers in AWS to tackle security issues

Securing the container network is one of the biggest issues when using AWS. This is due to the lack of context that the VPC has for any overlay network running on top.

Amazon Security Groups apply security policies to each cluster but are unable to do this with individual pods. When your business is attempting to troubleshoot or to gain better visibility into communications, insight will stop at the traffic between the hosts in the cluster rather than the pods resulting in security blind-spots.

So, you need two solutions to control your cloud-hosted network. One handles your VM policies, while another governs your containers.

[Need any further assistance in handling AWS security issues – We are here to help you.]

 

Conclusion

Today, we saw how our Support Engineers create a virtual machine using Lightsail in AWS.

Get 24x7 monitoring for your AWS servers

There are proven ways to get even more out of your AWS Infrastructure! Let us help you.

Spend your time in growing business and we will take care of AWS Infrastructure for you.

GET STARTED

var google_conversion_label = "owonCMyG5nEQ0aD71QM";
0 Comments

Submit a Comment

Your email address will not be published. Required fields are marked *

server management

Spend time on your business, not on your servers.

TALK TO US

Or click here to learn more.

Speed issues driving customers away?
We’ve got your back!

Privacy Preference Center

Necessary

Necessary cookies help make a website usable by enabling basic functions like page navigation and access to secure areas of the website. The website cannot function properly without these cookies.

PHPSESSID - Preserves user session state across page requests.

gdpr[consent_types] - Used to store user consents.

gdpr[allowed_cookies] - Used to store user allowed cookies.

PHPSESSID, gdpr[consent_types], gdpr[allowed_cookies]
PHPSESSID
WHMCSpKDlPzh2chML

Statistics

Statistic cookies help website owners to understand how visitors interact with websites by collecting and reporting information anonymously.

_ga - Preserves user session state across page requests.

_gat - Used by Google Analytics to throttle request rate

_gid - Registers a unique ID that is used to generate statistical data on how you use the website.

smartlookCookie - Used to collect user device and location information of the site visitors to improve the websites User Experience.

_ga, _gat, _gid
_ga, _gat, _gid
smartlookCookie
_clck, _clsk, CLID, ANONCHK, MR, MUID, SM

Marketing

Marketing cookies are used to track visitors across websites. The intention is to display ads that are relevant and engaging for the individual user and thereby more valuable for publishers and third party advertisers.

IDE - Used by Google DoubleClick to register and report the website user's actions after viewing or clicking one of the advertiser's ads with the purpose of measuring the efficacy of an ad and to present targeted ads to the user.

test_cookie - Used to check if the user's browser supports cookies.

1P_JAR - Google cookie. These cookies are used to collect website statistics and track conversion rates.

NID - Registers a unique ID that identifies a returning user's device. The ID is used for serving ads that are most relevant to the user.

DV - Google ad personalisation

_reb2bgeo - The visitor's geographical location

_reb2bloaded - Whether or not the script loaded for the visitor

_reb2bref - The referring URL for the visit

_reb2bsessionID - The visitor's RB2B session ID

_reb2buid - The visitor's RB2B user ID

IDE, test_cookie, 1P_JAR, NID, DV, NID
IDE, test_cookie
1P_JAR, NID, DV
NID
hblid
_reb2bgeo, _reb2bloaded, _reb2bref, _reb2bsessionID, _reb2buid

Security

These are essential site cookies, used by the google reCAPTCHA. These cookies use an unique identifier to verify if a visitor is human or a bot.

SID, APISID, HSID, NID, PREF
SID, APISID, HSID, NID, PREF