Tokenization, and access control where appropriate. Protect data in transit and at rest: Classify your data into sensitivity levels and use mechanisms, such as encryption, Create secure architectures, including the implementation of controls that are defined and managed as code in Operating system, application, and code).Īutomate security best practices: Automated software-based security mechanisms improve your ability to securely scale (for example, edge of network, VPC, load balancing, every instance and compute service, Log and metric collection with systems to automatically investigate and take action.Īpply security at all layers: Apply a defense in depth approach with multiple security controls. Centralize identity management,Īnd aim to eliminate reliance on long-term static credentials.Įnable traceability: Monitor, alert, and audit actions and changes to your environment in real time. Implement a strong identity foundation: Implement the principle of least privilege and enforce separation of duties with appropriateĪuthorization for each interaction with your AWS resources. There are seven design principles for security in the You can find prescriptive guidance on implementation in the Security Pillar whitepaper.
The security pillar provides an overview of design principles, best practices, and questions. The Security pillar includes the security pillar encompasses the ability to protectĭata, systems, and assets to take advantage of cloud technologies to improve your
0 kommentar(er)
