Network Security

• physical env security
• logical network security
  • security of link, protocol and application layer services

Cryptography

• encryption
  • data in transit
  • data at rest
  • key management

Key management

• remote key management service (also see AWS/KMS)
• client-side key management

Access control

IAM

includes people, processes and systems that are used to manage access to enterprise resources (also see )

Data and Media Sanitization

Vendor lock-in

highlights where a customer may be unable to leave, migrate, or transfer to an alternate provider due to technical or nontechnical constraints

Virtualization Security

• Hypervisors

• running directly on the hardware with VMs resources provided by the hypervisor. “Bare metal” hypervisors (examples: VMWare ESXi, Citrix )

• run on a operating system to provide virtualization services (examples: VMWare Workstation, )

Common Threats

• Data Breaches
• Data Loss
• Account or Service Traffic Hijacking
• Insecure Interfaces and APIs
• Denial of Service
• Malicious Insiders
• Abuse of Cloud Services
• Insufficient Due Diligence
  • not understanding the risks
• Shared Technology Vulnerabilites

Articles

• 2023-05-25 ◦ 50 AWS Security Tips To Secure Your Environment