Cloud Security Report includes Tips for AWS Users Cloud Security is a bit of an issue in many organizations, according a new report by AlienVault. The report included tips specifically for Amazon Web Services Inc. (AWS), to help improve the situation. AlienVault, which claims it provides Unified Security Management (MSM) and threat intelligence services, released a report last week based on a survey that it conducted at the RSA 2017 security conference. The company surveyed 974 people about cloud security and Internet of Things monitoring. It concluded that cloud security is still a problem for security professionals. Many are still struggling to monitor this environment effectively. The report titled “Cloud & IoT: Or, How I Learned To Stop Worrying about Security & Love Innovation” summarizes the survey results. The most shocking survey statistic is that a third of show attendees describe security monitoring in their organization as “complex and chaotic,” the company stated in a press release. Survey results show a significant disconnect between respondents’ beliefs about cloud security and IoT. The company also highlighted the following highlights in the report:

• 39% of respondents use more that 10 cloud services within their company, while 21% don’t know how many cloud apps are being used.
• Respondents are less confident in their ability detect threats in the cloud than on-premises. However, 47 percent prefer to monitor a cloud environment over an on-premises network.
• While 62 percent are concerned about IoT devices in the environment, 45 percent of respondents believe that IoT benefits outweigh any risks. Alarmingly, 43% of respondents claim that their company doesn’t monitor IoT network traffic, while 20% aren’t sure.

The report included the following tips, which were specifically targeted at AWS users:

• Secure root account credentials. Root accounts are the crown jewels in your cloud environment and are often targeted. If possible, delete the default admin account. Create a separate account for users. Enable multi-factor authentication.
• Use security groups. AWS offers security groups that can be used to restrict access to administrative services like RDP, SSH, and RDP.
• AWS CloudTrail is an essential resource for monitoring AWS environments. It provides a lot of detail, but not all tools can present it in a meaningful manner.
• Use IAM roles and temporary credentials for API requests to eliminate the need to have credentials.
• Your on-premises scanner is not capable of scanning for vulnerabilities in cloud environments. You may need permission from your provider to scan for vulnerabilities in cloud environments.
• Activate VPC flow logs. VPC Flow logs allow you to track information about network traffic through your VPCs. VPC Flow logs can be created from a network interface or a subnet. VPC Flow logs can be used for detecting suspicious traffic, checking for Indicators of Compromises (IOCs), as well as helping during an incident response or forensic analysis following an incident.

These tips are adapted from Jaime Blasco’s blog post “11 Simple But Important Tips to Secure AWS” which was published last month by AlienVault. Blasco stated that as more and more organizations move applications and workloads to AWS, it is important to understand the security issues of AWS and cloud computing in general. “IT environments are becoming increasingly hybrid in nature with many organizations maintaining some infrastructure on-premises.