Introduction
Amazon is one of the leading competitors in the online retail industry. Amazon Web Services is a complex digital infrastructure that supports this corporation’s business model. It has a database that contains sensitive or confidential information, including credit card details and customer profiles. This makes it an attractive target for phishers, hackers, and scammers. With the number of cybersecurity incidents increasing, there is a need to improve the level of database security. This paper gives a detailed description of the best strategies and initiatives to maintain the security of data and services that reside on Amazon Web Services (AWS) infrastructure.
Strategies for Improved Security of Services and Data
The confidentiality, integrity, and availability (CIA) triad is a powerful cybersecurity model for guiding Amazon in maintaining the security of services and data that reside on its AWS infrastructure. This means that every proposed action plan needs to maximize confidentiality of information, promote integrity, and ensure that it is available to users on demand (Malik & Patel, 2016). The first strategy for improving security is to promote the use of database firewalls. Since this is a digital corporation, there are unique servers that workers access to gather information and fulfill the expectations of different customers.
The use of firewalls will prevent hackers from accessing the system. Such technologies will also stop existing EBS volumes and databases from launching unneeded outbound connections. These EBS volumes are durable, block-level devices that are attachable to EC2 instances (Alqahtani & Gull, 2018). Web application firewalls are also capable of preventing any SQL injection attack (Malik & Patel, 2016). The combination of the two preventative measures will deliver positive results.
Database hardening is a powerful initiative that can improve the security of Amazon’s critical data. This strategy resonates with the attributes of the CIA triad. This can be achieved by disabling different services and features that are not in use. Passwords and login patterns need to be changed frequently (Alqahtani & Gull, 2018). Unused accounts should be deleted to decrease the chances of phishing activities. The company can go further to support the auditing of the hardened configuration. Any change in the existing configuration should be monitored continuously to prevent compromise.
Amazon can consider the importance of minimizing the value held on its EBS volumes. This evidence-based strategy means that such devices should not contain unnecessary or underutilized data. This objective can be achieved through continuous management of the collected information. Technicians will delete unwanted information from such volumes. Similarly, databases can be improved by transferring critical information to more secure devices or systems within the wider infrastructure (Vukašinović, 2018).
These measures will ensure that the databases are not susceptible to unwanted threats or attacks. Server and installation histories should be deleted immediately. This is the case since this kind of information is usually valuable to cybercriminals, attackers, and hackers.
The encryption of the information and data stored on this company’s website is a common practice. Similarly, the same process is essential for protecting information contained in EBS volumes. Since data is moved or transferred continuously via the local network, the company can maximize the level of confidentiality through encryption in an attempt to minimize any form of security threat (Malik & Patel, 2016). After this is done, there is a need for Amazon to consider the importance of having backups in different databases. This temporary data also needs to be encrypted.
Controlled database access is a powerful approach for improving the security of the information contained in the AWS infrastructure. The company can achieve this aim by limiting the number of people or administrators who have minimum authority or privileges regarding the use of the available data. The organization can ensure that such professionals access information only when they need it. Vukašinović (2018) supports the power of automated access, which revolves around the implementation of powerful software.
Managers and administrators should avoid sharing passwords and cards with other employees in an attempt to increase the level of accountability. Password hashes should always remain encrypted and protected. There should also be powerful procedures for monitoring workers who are being moved from division A to B. Every account should be locked if the system records more than three login attempts.
Finally, Amazon can implement a powerful model or strategy for auditing and monitoring every activity on the existing database. This can be achieved by reviewing logs and detecting any unwanted access. With this kind of practice, it will be possible to identify workers who might be engaged in various malpractices. The company can go further and install database activity monitoring (DAM) software to guide administrators when tracking potential hackers (Vukašinović, 2018). The model will inform authorities whenever a new account is created without the permission of the lead database administrator.
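The lockout rule and the account-creation alert described in the two paragraphs above can be expressed as a small log audit. The following is an added example, not code from the paper or from AWS; the JSON record layout, the field names, the identity "dba_lead", and the reading of "login attempts" as consecutive failed attempts are all assumptions.

```python
import json
from collections import Counter

LEAD_DBA = "dba_lead"   # assumed identity of the lead database administrator
MAX_ATTEMPTS = 3        # lock once an account records more than three attempts

# Constructed audit records (JSON lines); every field name is an assumption.
SAMPLE_LOG = """
{"event": "login", "account": "jsmith", "result": "fail"}
{"event": "login", "account": "jsmith", "result": "fail"}
{"event": "login", "account": "akhan", "result": "fail"}
{"event": "login", "account": "jsmith", "result": "fail"}
{"event": "login", "account": "akhan", "result": "ok"}
{"event": "account_created", "account": "svc_report", "actor": "dba_lead", "approved_by": "dba_lead"}
{"event": "login", "account": "jsmith", "result": "fail"}
{"event": "account_created", "account": "tmp_admin", "actor": "mlee", "approved_by": null}
not-json garbage line
{"event": "login", "account": "jsmith", "result": "ok"}
"""

def audit(log_text, lead_dba=LEAD_DBA, max_attempts=MAX_ATTEMPTS):
    """Return (locked_accounts, alerts) for a stream of audit records."""
    failures = Counter()          # consecutive failed logins per account
    locked, alerts = set(), []
    for line_no, line in enumerate(log_text.strip().splitlines(), 1):
        try:
            ev = json.loads(line)
            kind, account = ev["event"], ev["account"]
        except (json.JSONDecodeError, KeyError, TypeError):
            alerts.append(("unparseable_record", line_no))  # never skip silently
            continue
        if kind == "login":
            if account in locked:
                # A locked account stays locked, even for a correct password.
                alerts.append(("login_on_locked_account", account))
            elif ev.get("result") == "ok":
                failures[account] = 0
            else:
                failures[account] += 1
                if failures[account] > max_attempts:
                    locked.add(account)
                    alerts.append(("account_locked", account))
        elif kind == "account_created" and ev.get("approved_by") != lead_dba:
            alerts.append(("unapproved_account", account, ev.get("actor")))
    return locked, alerts

if __name__ == "__main__":
    locked, alerts = audit(SAMPLE_LOG)
    print("locked:", sorted(locked))
    for alert in alerts:
        print("ALERT", alert)
```

Records that cannot be parsed are reported rather than dropped, so a malformed or tampered entry does not hide the events around it.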
Conclusion
The above suggestions and strategies are capable of improving the safety of Amazon’s databases and EBS volumes. Such measures are guided by the CIA triad and create a new opportunity for minimizing unnecessary access, deleting unwanted histories, and improving management. Those in charge should also maintain the existing databases tightly, install firewalls, and terminate unauthorized accounts. Such measures will protect clients’ sensitive data and eventually support this company’s business model.
References
Alqahtani, A., & Gull, H. (2018). Cloud computing and security issues – A review of Amazon web services. International Journal of Applied Engineering Research, 13(22), 16077-16084.
Malik, M., & Patel, T. (2016). Database security – Attacks and control methods. International Journal of Information Sciences and Techniques, 6(1/2), 175-183.
Vukašinović, M. (2018). Cyber security measures in companies. International Journal of Economics and Statistics, 6, 125-128.