The Ministry of Justice (MoJ) has published the latest set of rules for the users of public cloud services provided by Amazon Web Services (AWS). The rules were outlined as a part of new digital services which offer over 800 different technology systems to be integrated with the use of public and private clouds.
In general, the federal executive department mainly uses AWS and Microsoft Azure for its cloud computing needs. But strictly speaking, it has populated much of its projects and apps over 120 AWS accounts, making the service provider as the largest cloud services provider for the department.
So, the intense usage has made the MoJ publish its security baselines for AWS accounts which sets certain principles to be followed while configuring AWS accounts. The objective was to offer good guidance to the admin teams over architectures and applications without encumbering them.
Thus, as a part of the new initiative, all AWS Public Cloud Storage Services serving the departmental needs will have to abide by the new set of rules freshly formulated. And as a part of it, all potential data breaches will be strictly prosecuted.
MoJ baseline has also recommended the use of AWS Threat Detection, User tracking, and configurationally auditing services on all accounts including CloudTrial and GuardDuty.
Cloud security experts suggest that the newly formulated baseline doesn’t constitute all do’s and don’ts, but outlines all basic things to be done in the increasingly complex cloud portfolios which often witness security and access control failures.