This is the 4th & final post in a short series on the shared responsibility model for security in the AWS Cloud. Please take a few minutes to read the others: part 1, part 2, and part 3 Shellshock Shellshock (which entails a number of CVE’s), is a bug that affects bash, a command line…
Read MoreThis is the third post in a short series on the shared responsibility model for security in the AWS Cloud. Please take a couple of minutes to read part 1 and part 2. POODLE Another bug with a catchy name, POODLE, is actually an acronym. It stands for “padding oracle on downgrade legacy encryption.” This…
Read MorePeople who drive recklessly to the airport, at a high rate of speed while clutching a cellphone to their ear, only to then board the plane and pray it does not crash, often bewilder me. Don’t they realize they bear some responsibility for arriving safely at their destination? Trend Micro’s webinar on the new PCI…
Read MoreIn last week’s post, Protecting your resources with AWS Identity and Access Management, Justin covered the basics of AWS Identity Access Management (IAM). This week, we’re going to take a look at password policies and multi-factor authentication using IAM. Password Policies The value of a strong passwords is well known. Most organizations already have a password…
Read MoreOver the next several weeks, we will be discussing best practices for securing your Amazon Web Services (AWS) environment. Before we dive into securing your instances, applications and data, we have to start from the top. As part of the AWS shared responsibility security model, consumers of AWS play a significant role in securing their…
Read More
