Security

• Includes the ability to protect information, systems, and assets while delivering business value through risk assessments and mitigation strategies

• Design Principles

• Implement a strong identity foundation - Centralize privilege management and reduce (or even eliminate) reliance on long-term credentials - Principle of least privilege - IAM

• Enable traceability - Integrate logs and metrics with systems to automatically respond and take action

• Apply security at all layers - Like edge network, VPC, subnet, load balancer, every instance, operating system, and application

• Automate security best practices

• Protect data in transit and at rest - Encryption, tokenization, and access control

• Keep people away from data - Reduce or eliminate the need for direct access or manual processing of data

• Prepare for security events - Run incident response simulations and use tools with automation to increase your speed for detection, investigation, and recovery

• Shared Responsibility Model