Top 10 Tips for Protecting Your AWS Cloud from Malware

AllCloud Blog:
Cloud Insights and Innovation

Who can forget last year’s malware attack against Dyn, which took down the internet and paralyzed huge names like Airbnb, Twitter, Visa, and Netflix? Experts forecast that the threat of malware attacks will be greater this year than last, so protecting your devices against malware will keep you from falling victim to more severe attacks like DDoS. Here are 10 quick tips to help you minimize your cloud’s vulnerability to malicious software.

1. Security Awareness

Talk to your users, send them weekly reminders, and train them to detect and react to phishing emails and to watch out for social engineering. Know your file formats, be mindful of what you click on, and only accept incoming files when you expect them and they come from people you know.

2. Don’t Build Your Security Policy Around Your Office Location

Your users often work remotely from home, hotels, and public Wi-Fi, so assume that your office location is just another untrusted public place and build the security policy with this in mind.

3. Decouple Office / Corporate and Production Environments

Create a different strategy for your office and production environments. Don’t connect the office to your production networks just because it’s easier for users to connect. Make sure to have the right safeguards between users / desktops and servers, and definitely firewall your guest networks.

4. Keep All Operating Systems Updated

Ensure that your desktops and servers are updated with all the most recent available security patches.

5. Use host-based FIM, Threat and Malware Protection

Make sure that all your systems, desktops and servers, are running high-quality Endpoint Protection agents and that they are updated. Remember to schedule and run scans at regular intervals.

6. Deploy WAF, Network IPS and DNS Security

Track your modern datacenter / cloud traffic using Threat Protection and IPS modules as well as Traffic Modeling technologies. In the cloud there are lots of services that are not virtual machines, so you can’t install host-based protection on them. To track their traffic and behavior, use network-based solutions, and always use multiple layers of security.

7. Web Filtering

Deploy a proxy with a content inspection solution so that you can analyze and whitelist traffic downloaded into, or leaving, your datacenter towards external endpoints. Today’s APIs are no longer behind fixed IPs, which requires whitelisting domains and URLs rather than IP addresses.
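
An added example, not code from the original post: a minimal decision function for the domain and URL whitelisting described in this tip, assuming the inspecting proxy sees the full decrypted URL. The policy entries, hostnames and function names are constructed placeholders.

```python
from urllib.parse import urlsplit, unquote

# Constructed policy for illustration: these hostnames and paths are
# placeholders, not values from the original post.
ALLOWLIST = [
    # (host pattern, allowed path prefixes); "*." matches subdomains only
    ("api.payments.example", ["/v1/"]),
    ("*.storage.example", ["/"]),
    ("updates.vendor.example", ["/repo/", "/keys/"]),
]

def host_matches(host, pattern):
    """Exact match, or subdomain match on a label boundary for '*.' patterns."""
    if pattern.startswith("*."):
        suffix = pattern[1:]  # e.g. ".storage.example"
        return host.endswith(suffix) and len(host) > len(suffix)
    return host == pattern

def is_allowed(url):
    """Return True if an outbound URL is permitted by ALLOWLIST."""
    try:
        parts = urlsplit(url)
        # .hostname is lower-cased and excludes userinfo and port
        host, port = parts.hostname, parts.port
    except ValueError:
        return False  # malformed authority or port
    if parts.scheme != "https" or not host or port not in (None, 443):
        return False
    host = host.rstrip(".")  # "api.example." and "api.example" are the same name
    path = unquote(parts.path) or "/"
    if ".." in path.split("/"):
        return False  # refuse traversal out of an allowed prefix
    return any(
        host_matches(host, pattern) and any(path.startswith(p) for p in prefixes)
        for pattern, prefixes in ALLOWLIST
    )

if __name__ == "__main__":
    # Constructed sample requests
    for u in ["https://api.payments.example/v1/charges",
              "https://api.payments.example@other.example/v1/charges",
              "https://evilstorage.example/obj",
              "https://203.0.113.10/v1/charges"]:
        print("ALLOW" if is_allowed(u) else "DENY ", u)
```

Matching on the parsed hostname and a label boundary is what keeps look-alike names, userinfo tricks and bare IP addresses from passing a rule written for a domain.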

8. Central Logging and Alerting

Collect all security logs into a SIEM or at least a Central Logging system and create alerts.

9. Local and Offsite Backup

Always make sure to have a local and offsite backup of your critical data. Remember that the cloud providers give you all the tools to back up your data but do not necessarily execute the backups for you.

10. Consult with Experts

Consult with an experienced expert partner that uses modern technologies and is fully adapted to the cloud to architect, build and manage your environment.

Lahav Savir

Founder and CTO, Cloud Platforms
