Apply a few basic hardening principles to secure your cloud environment.
I've written about simple server-hardening
techniques in the past. Those articles were inspired in part by the Linux Hardening in
Hostile Networks book I was writing at the time, and the idea was to
distill the many different hardening steps you might want to perform
on a server into a few simple steps that everyone should do. In this
article, I take the same approach, only with a specific focus
on hardening cloud infrastructure. I'm most familiar with AWS, so my
hardening steps are geared toward that platform and use AWS terminology
(such as Security Groups and VPC), but as I'm not a fan of vendor lock-in,
I try to include steps that are general enough that you should
be able to adapt them to other providers.