Serverless Craic Ep9 AWS Security Pillar episode artwork

EPISODE · Jan 24, 2022 · 14 MIN

Serverless Craic Ep9 AWS Security Pillar

from Serverless Craic from The Serverless Edge · host Treasa Anderson

Send us Fan MailThis week, we're continuing our series looking at each of the pillars of the well architected framework. We talked about the operational excellence pillar in the last episode.We're going to talk about security this time which is our favourite well architected pillar. There are 10 questions for this pillar and a couple of different sections.The well architected security pillar is aimed at checking how secure your organisation is. It goes into things like:How are you managing accounts? Is your control tower hooked up?Are you using guard duty?It promotes team awareness of security across the organisation.The types of things to engage with when looking at workload are blast radius:If something goes down, how are we going to recover it?Or is there a case there for failover?Or resiliency?It is broad but there are things you can zoom in and focus on in that question.With the modern techniques, capabilities and improvements, you can be fine grained and have more accounts. Single sign also helps manage that burden. And AWS organisations, control tower and cloud trail are mature capabilities that help you get a good initial posture.One thing about well architected is that there is a nice flow to the questions and sessions.The first question: 'how do you securely operate your workload?', straight away gets into identity and access management, your inventory of people on machines and how you manage that. Or how do you manage blast radius, permissions, and the process of adding and removing people, accounts, machine accounts and different resources.In a modern cloud environment, rule number one is that it is tightly managed and automated. Normally, it ties back into the enterprise or a broader policy and it gets teams asking what are the authorization controls for this component.The next is one of my favourite: detective controls, how you detect and control security events. I always love the way security people talk about 'left of attack': all the things that happen before the attack. There is the time when the attack happens and that's panic stations. But there's usually a whole bunch of stuff before that, that you can act on. And that could be two years prior. So there's a whole mindset around detecting weird activity when people are probing your system, before the actual attack. That's the hunter side of cybersecurity when people try to find breaches.The next one is data protection. There's stuff here about both encryption etc, in rest and in transition. We have mentioned that code as a liability. Your data can also be a liability that you need to manage appropriately. Organisations have a good data classification document or something that describes data classification as it pertains to the industry or the organisation.The last section is 'incident response'. It's fairly self explanatory. How do you respond and recover from incidents? You want to be well drilled with as much automation as possible. Sounds straightforward. But it's complicated. It ties back to the operational excellence pillar. You're anticipating these events ahead of time. If you're anticipating them, you have associated runbooks or playbooks to facilitate squads in particular circumstances. In the security pillar, there's a nice arc that starts with people and ends with people. It goes through all the technical stuff in the middle. But security is a 'people' responsibility.Serverless Craic from The Serverless Edgetheserverlessedge.com@ServerlessEdgeServerless CrAIc from The Serverless EdgeCheck out our book The Value Flywheel Effect Follow us on X @ServerlessEdgeFollow us on LinkedIn Subscribe on YouTube 

Send us Fan Mail This week, we're continuing our series looking at each of the pillars of the well architected framework. We talked about the operational excellence pillar in the last episode. We're going to talk about security this time which is our favourite well architected pillar. There are 10 questions for this pillar and a couple of different sections. The well architected security pillar is aimed at checking how secure your organisation is. It goes into things like: How are you managin...

NOW PLAYING

Serverless Craic Ep9 AWS Security Pillar

0:00 14:07

No transcript for this episode yet

We transcribe on demand. Request one and we'll notify you when it's ready — usually under 10 minutes.

Frequently Asked Questions

How long is this episode of Serverless Craic from The Serverless Edge?

This episode is 14 minutes long.

When was this Serverless Craic from The Serverless Edge episode published?

This episode was published on January 24, 2022.

What is this episode about?

Send us Fan MailThis week, we're continuing our series looking at each of the pillars of the well architected framework. We talked about the operational excellence pillar in the last episode.We're going to talk about security this time which is our...

Is there a transcript available for this episode?

Yes, a full transcript is available for this episode. You can read the complete transcript on the episode page.

Can I download this Serverless Craic from The Serverless Edge episode?

Yes, you can download this episode by clicking the download button on the episode player, or subscribe to the podcast in your preferred podcast app for automatic downloads.
URL copied to clipboard!