
Five Pillars for well-architected AWS security
This is the first in a series of seven on the five pillars for well-architected AWS security. For the entire series, visit the Five pillars – AWS blog page here.
The cloud is transformational – but the cloud is different. Companies migrating to the cloud quickly – and sometimes painfully – learn that translating their on-premises security framework to the cloud is more difficult than they presumed. Not all on-premises solutions work the same way in the cloud, if they work at all; cloud infrastructures themselves contain numerous security services that need to be incorporated; and the very mechanisms behind operating securely in the cloud differ from traditional on-premises approaches.
AWS has defined its Well-Architected Security Framework with seven principles and five pillars. The principles behind the AWS Well-Architected Security Framework are:
- Implement a strong identity foundation
- Enable traceability
- Apply security at all layers
- Automate security best practices
- Protect data in transit and at rest
- Keep people away from data
- Prepare for security events
Instituting these principles falls into five “best practice areas” which form the five pillars of this framework. These five pillars are:
- IAM – Identity and Access Management
- Detective Controls
- Infrastructure Protection
- Data Protection
- IR – Incident Response

Customers who achieve an actionable cloud security approach apply these pillars in a sequential manner – i.e., they ensure IAM requirements are understood and resolved before moving on to Detective Controls, and so on. By approaching security this way, organizations can ensure they don’t miss key elements that are easily overlooked when security is addressed on a piecemeal basis.
Success in developing an actionable cloud security framework comes from understanding how this framework applies to a particular customer’s situation. The purpose of this blog series is to help organizations gain an understanding of these pillars and how to approach them, so organizations can avoid the pitfalls and risks of an ad-hoc approach to cloud security.
In this blog post series, we’ll look at each of these pillars individually, as well as strategies for managing security across all five. In our next blog, we’ll look at IAM, or Identity and Access Management.