There are many AWS security best practices, and you should try to adopt as many as possible to enhance your security posture. I want to highlight and review a number of common best practices that are easy to implement and could play a huge role in protecting your solutions and data:
- Enable multi-factor authentication (MFA): In addition to the password that users need to authenticate to AWS, it is recommended to implement MFA to add a second layer of authentication. With MFA enabled, you are required to enter a randomly generated six-digit number after you have entered your password when using the AWS Management Console. This is a best practice for your AWS root account and any other user accounts that have elevated privileges. This was covered in Chapter 3, Access Management.
- Enable AWS CloudTrail: This service should be enabled in all regions in which you operate your AWS solutions. It is essential in helping you to monitor...