Cybersecurity for Amazon Web Services Infrastructure

Strategies for Improved Security of Services and Data

The cybersecurity confidentiality, integrity, and availability (CIA) triad is a powerful model for guiding Amazon to maintain the security of services and data that reside on its AWS infrastructure. This means that every proposed action plan needs to maximize confidentiality of information, promote integrity, and ensure that it is available to users on-demand (Malik & Patel, 2016). The first strategy for improving security is by promoting the use of database firewalls. Since this is a digital corporation, there are unique servers that workers access to gather information and fulfill the expectations of different customers.

The use of firewalls will deny hackers from accessing the system. Such technologies will protect existing EBS volumes and databases from launching unneeded outbound connections. These EBS volumes are block-level and durable devices that are attachable to EC2 instances (Alqahtani & Gull, 2018). Web application firewalls are also capable of preventing any SQL injection attack (Malik & Patel, 2016). The combination of the two preventative measures will deliver positive results.

Database hardening is a powerful initiative that can improve the security of Amazon’s critical data. This strategy resonates with the attributes of the CIA triad. This can be achieved by disabling different services and features that are not in use. Passwords and login patterns need to be changed frequently (Alqahtani & Gull, 2018). Unused accounts should be deleted to decrease the chances of phishing activities. The company can go further to support the auditing of the hardened configuration. Any change in the existing configuration should be monitored continuously to prevent compromise.

Amazon can consider the importance of minimizing value for its EBS volumes. This evidence-based strategy means that such devices should not contain unnecessary or underutilized data. This objective can be achieved through continuous management of the collected information. Technicians will delete unwanted information from such volumes. Similarly, databases can be improved by transferring critical information to more secure devices or systems within the wider infrastructure (Vukašinović, 2018).

These measures will ensure that the databases are not susceptible to unwanted threats or attacks. Server and installation histories should be deleted immediately. This is the case since this kind of information is usually valuable to cybercriminals, attackers, and hackers.

The encryption of the information and data stored on this company’s website is a common practice. Similarly, the same process is essential for protecting information contained in EBS volumes. Since data is moved or transferred continuously via the local network, the company can maximize the level of confidentiality through encryption in an attempt to minimize any form of security threat (Malik & Patel, 2016). After this is done, there is a need for Amazon to consider the importance of having backups in different databases. This temporary data also needs to be encrypted.

Controlled database access is a powerful approach for improving the security of the information contained in WBS’ infrastructure. The company can achieve this aim by limiting the number of people or administrators who have minimum authority or privileges regarding the use of the available data. The organization can ensure that such professionals access information only when they need it. Vukašinović (2018) supports the power of automated access, which revolves around the implementation of powerful software.

Managers and administrators should avoid sharing passwords and cards with other employees in an attempt to increase the level of accountability. Password hashes should always remain encrypted and protected. There should also be powerful procedures for monitoring workers who are being moved from division A to B. Every account should be locked if the system records more than three login attempts.

Finally, Amazon can implement a powerful model or strategy for auditing and monitoring every activity on the existing database. This can be achieved by reviewing logs and detecting any unwanted access. With this kind of practice, it will be possible to identify workers who might be engaged in various malpractices. The company can go further to install a database activity monitoring (DAM) software to guide administrators when tracking potential hackers (Vukašinović, 2018). The model will inform authorities whenever a new account is created without the permission of the lead database administrator.

Conclusion

The above suggestions and strategies are capable of improving the safety of Amazon’s databases and EBS volumes. Such measures are guided by the CIA tri