In this summary we have captured the presentation by Julian Busic and Byron Pogson from Amazon Web Services on safety configurations in cloud environments.
The shared learnings from this event highlight the importance of keeping up to date with good data hygiene to ensure the continued security of your cloud environment. Keeping in step with basic principles helps to minimize risks when working in the cloud.
The importance of data security is reinforced by the regulator’s focus on it, including APRA’s prudential standards such as CPS230 and CPS234. In addition, a letter recently received by all regulated entities, including super funds, explicitly outlines the expectation on data security and resilience through the use of backups. It is essential that workplaces have appropriate systems in place as cloud configurations become more widely used.
Below are some of the key areas of data hygiene that are important to keep on top of:
- Security by design – architect for security and resilience.
When planning solutions, explore multiple deployment strategies. When setting up systems, make sure they are resilient and take a principled approach to continuous improvement and testing. Resiliency in these systems should encompass a high ability to scale in the face of single or multiple component failure events through design and operational mechanisms. It’s also important to ensure Disaster Recovery processes for backup, recovery and data bunkering are in place so that operations can return to normal within specified tolerance levels.
- Be vigilant with ensuring that account contact information is correct and up to date.
Ensuring that contact details for yourself and your organization are up to date is paramount for timely contact in the event of an incident or identified vulnerability. Cloud platforms rely on this information being up to date in order to notify you in case of a breach. Maintaining a regular audit of key contacts helps mitigate potential communication interruptions.
- Always use MFA, ensuring you validate IAM roles and rotate keys
Always use MFA and utilize password protection platforms to help keep account information safe. Using IAM roles and rotating keys makes it harder for cyber criminals to keep track of patterns and hack into accounts.
- Limit the number of users in security groups
Limiting the number of users in security groups helps minimize the potential loops of information shared. Security groups help limit what can be accessed and by whom, mitigating the risk of unauthorised access.
- Centralise CloudTrail logs
It’s important to centralise all CloudTrail logs and to make sure they’re kept central and easily accessible. CloudTrail logs keep a record of who did what in cloud environments and in what sequence. Machines can quickly read the logs and analyse where problems may have occurred. Centralised log storage makes it quicker and easier to obtain the logs and identify issues.
- Action findings and alerts in a timely manner
Following from centralising CloudTrail logs, it’s beneficial to systematically analyse and record documented findings from a breach event. Ensuring appropriate steps are taken and implemented in a timely manner is beneficial for safeguarding your environment.
- Implement intentional data policies
It’s important to review and classify data findings across your ecosystem and ensure that all participants across your ecosystem are subject to relevant policies that incentivise strong data security practices. Utilising policy structures will help with this process of classifying data and its controls.
- Insert security principles into development cycles to enable you to be more agile and assist your dev teams to design secure applications
Work with development teams from the beginning stages to design secure systems earlier in the process. A further advantage of working with development teams is that it enables quicker fixes and faster learning from findings that arise.
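As an added illustration of the MFA and key-rotation item above (not code from the presentation), the following Python script audits an IAM credential report for console users without MFA and for active access keys past a rotation threshold. The 90-day threshold and the sample rows are assumptions constructed for this example; the column names follow the AWS IAM credential report CSV.

```python
import csv
import io
from datetime import datetime, timezone

MAX_KEY_AGE_DAYS = 90  # assumed rotation threshold; the summary does not specify one

# Constructed sample rows in the IAM credential report layout (subset of columns).
SAMPLE_REPORT = """\
user,password_enabled,mfa_active,access_key_1_active,access_key_1_last_rotated,access_key_2_active,access_key_2_last_rotated
<root_account>,not_supported,true,false,N/A,false,N/A
alice,true,true,true,2024-05-20T00:00:00+00:00,false,N/A
bob,true,false,true,2023-01-15T00:00:00+00:00,false,N/A
ci-deploy,false,false,true,2024-06-01T00:00:00+00:00,true,2022-11-02T00:00:00+00:00
"""


def audit_credentials(report_csv, now, max_age_days=MAX_KEY_AGE_DAYS):
    """Return a sorted list of (user, finding) tuples for the given report."""
    findings = []
    for row in csv.DictReader(io.StringIO(report_csv)):
        user = row["user"]
        # Root always has console access; other users only if a password is set.
        has_console = user == "<root_account>" or row["password_enabled"] == "true"
        if has_console and row["mfa_active"] != "true":
            findings.append((user, "no MFA"))
        # Each user can hold up to two access keys; check the active ones.
        for n in ("1", "2"):
            if row[f"access_key_{n}_active"] != "true":
                continue
            rotated = datetime.fromisoformat(row[f"access_key_{n}_last_rotated"])
            age_days = (now - rotated).days
            if age_days > max_age_days:
                findings.append((user, f"access key {n} is {age_days} days old"))
    return sorted(findings)


if __name__ == "__main__":
    # Fixed "now" so the constructed sample gives the same findings on every run.
    as_of = datetime(2024, 6, 30, tzinfo=timezone.utc)
    for user, finding in audit_credentials(SAMPLE_REPORT, as_of):
        print(f"{user}: {finding}")
```

On a real account the report text would come from the IAM credential report download rather than the embedded sample.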
If you’d like to learn more or be informed about future cyber forums, visit Contact Us – Gateway Network Governance Body (gngb.com.au) and sign up to our news.