AWS security best practices: Multi-factor authentication and beyond

Last week, the news that Code Spaces suffered a breach that overnight put the company out of business and cost their clients untold millions reminded everyone in the IT community how devastating a major data security breach can be for our companies and clients. 

At Logicworks, we manage highly available, compliant cloud infrastructure on Amazon Web Services, and in the wake of this catastrophe, we decided to publish a list of AWS security best practices.

Data security is not binary.  Best practices are to use defense in depth and continuously evaluate what improvements can be made and how the threats are changing.  AWS, and public cloud computing in general, provide many new capabilities, but along with that come new threats and new tools to counter them.  Here are some of our recommendations to improve AWS security and build a good foundation for a secure scalable environment.

Improving Amazon Web Services …