Security

• Includes the ability to protect information, systems, and assets while delivering business value through risk assessments and mitigation strategies

• Design Principles

  • Implement a strong identity foundation - Centralize privilege management and reduce (or even eliminate) reliance on long-term credentials - Principle of least privilege - IAM

  • Enable traceability - Integrate logs and metrics with systems to automatically respond and take action

  • Apply security at all layers - Like edge network, VPC, subnet, load balancer, every instance, operating system, and application

  • Automate security best practices

  • Protect data in transit and at rest - Encryption, tokenization, and access control

  • Keep people away from data - Reduce or eliminate the need for direct access or manual processing of data

  • Prepare for security events - Run incident response simulations and use tools with automation to increase your speed for detection, investigation, and recovery

  • Shared Responsibility Model

Last updated