Since the start of the global pandemic in March 2020 security breaches have become more prevalent. The increase in remote working, reliance upon the cloud, growing sophistication of attacks and attackers taking advantage of new opportunities have all contributed to the increased risk.
Notable attacks from 2020 included an increase in attacks on the public sector such as education, non-profit and government organisations with the Blackbaud and Hackney Borough Council attacks being amongst the most notable.
MTI partner AWS places the highest priority on security and provide a data centre and network architecture that is built to meet the requirements of the most security-sensitive, such as those in the public sector.
AWS delivers both a secure cloud computing environment and innovative security service to satisfy the security and compliance needs of the most risk-sensitive organisations. The scale and global reach of AWS gives them perspective and visibility on cloud security, which they rapidly reinvest back into their infrastructure and services.
Building on the most secure global infrastructure, with AWS organisations own their own data, they have the ability to encrypt it, move it and manage retention. Partnering with a large community of security partners helps AWS meet many regulatory and compliance requirements and support more security standards and compliance certifications than other providers, including PCI-DSS, HIPAA/HITECH, FedRAMP, GDPR, FIPS 140-2, and NIST 800-171.
Preventing public sector security breaches with AWS
There are a number of preventative controls that can be leveraged to enhance the security posture of organisations. We’ll take a look at some of the controls organisations in the public sector can use to help them avoid being compromised.
Multi-factor authentication
Public sector organisations moving into the cloud should consider developing strategies around using multi-factor authentication (MFA). Using hard tokens and soft tokens and moving away from traditional password schemes can help add layers to your defence and make it more secure.
MFA is a simple best practice, when a user signs in to an AWS Management Console, they will be prompted for their username and password, this is the first factor and the information they know. Once entered they will be asked for the second factor (what they have), an authentication code from their AWS MFA device. Access will only be granted once both the first and second factors are entered correctly.
Identify and Access Management (IAM)
Identify and Access Management (IAM) solutions can help to prevent privileged user accounts from being compromised by providing advanced management of user roles and privileges. IAM allows organisations to define exactly who uses cloud resources and when and how they use them.
IAM enables organisations to monitor behaviours and trigger pre-configured responses to unusual activity and set alerts to prevent accounts from being abused. An IAM system uses two-factor authentication and single sign-on to help further prevent takeover of key user accounts.
AWS IAM allows you to manage IAM users and their access, manage IAM roles and their permissions and manage federated users and their permissions. Organisations can manage permissions in order to control which operations a user can perform, users can be privileged administrators, end users or systems.
It is good practice to always follow the least privilege approach, whereby you grant users the minimum amount of privilege they require to perform the tasks they need to perform. Managing IAM roles can help organisations define what servers, services, people and groups can operate within your environment.
Creating fine-grained IAM roles within your organisation and assuming roles can help you give permission programmatically for a period of time or under certain conditions. This gives users the permission they need to perform the required tasks and then removes access once complete to help strengthen security and close any gaps that could be compromised.
Encryption everywhere
It is best practice to encrypt as much as possible, including when data is in transit and while it’s at rest. AWS offers you the ability to add a layer of security to your data at rest in the cloud, providing scalable and efficient encryption features.
These include flexible key management options, including AWS Key Management Service, that allow you to determine whether to have AWS manage the encryption keys or enable you to keep complete control over your own keys.
Getting into the practice of encrypting data as much as possible can help organisations in the public sector secure their environments. While encryption may seem like a complex task, the cloud and AWS make it simpler.
Next Steps
Are you prepared for an attack? Ransomware is evolving and your awareness and preparedness should be too.
Leveraging AWS Cloud to Support Data Classification
Data Classification is a crucial step in cyber security risk management. Whether data is processed and stored in on premise systems or the cloud, data classification is the first port of call for determining the appropriate level of controls for the confidentiality, integrity and availability of data based on risk to the organisation.
Contact us today to learn more about how we can safeguard your organisation’s digital assets.