7 Cloud Security Issues and AWS Security Best Practices
2025 Update on Developments in AWS Security
AWS continues to evolve its security offerings, addressing emerging threats and improving cloud security. Here are some of the recent advancements:
- AWS Identity Center: AWS has introduced AWS Identity Center (formerly AWS Single Sign-On) for centralised access management across multiple AWS accounts and applications.
- S3 Enhancements: AWS implemented new S3 features such as S3 Object Lock for immutable storage and S3 Access Points for fine-grained access control.
- AI-Powered Security: Amazon Macie now offers automatic sensitive data discovery and protection using advanced machine learning algorithms.
- Network Security: AWS Network Firewall and AWS Network Access Analyzer have been introduced for improved network protection and analysis.
Despite these advancements, AWS users still face critical security challenges, particularly during the configuration stage. Missteps in setup can lead to vulnerabilities, exposing organisations to potential breaches and operational risks.
Main AWS security concerns
When developing or hosting using AWS, some of the most common and serious AWS security concerns include:
- Insufficient Permissions and Encryptions
- Accidentally making Amazon Machine Images (AMIs) public
- Identity and Access Management (IAM) given too much control/access, indirectly
- CloudTrail logging disabled, or not enabled
- S3 buckets logging disabled, or not enabled
- Not enough IP addresses enabled within a Virtual Private Cloud (VPC)
- Network Access Control List (NACL) allowing too much inbound traffic
In this article, we look at these seven AWS security issues and how to fix them. Although AWS is one of the largest and most secure cloud providers on the planet, there are a lot of things that can go wrong, and often this happens during the configuration stage.
Without realising it, even experienced IT teams can configure AWS solutions in such a way as to cause serious potential security issues and problems down the road.
No one wants that to happen, of course. Security weaknesses and vulnerabilities can undermine an entire Enterprise security architecture, giving hackers and cyber criminals access to your network, IT infrastructure, apps, websites, email, and numerous other internal systems. Here are seven of the most serious AWS cloud security problems, and solutions for these.
Top 7 AWS Security Best Practices
#1: Insufficient Permissions and Encryptions
Within AWS is the option to store and retrieve data using the Simple Storage Service (S3) infrastructure, also known as S3 buckets. Users can choose to create a bucket within a specific region (anywhere in the world you choose), and upload the data quickly and cheaply.
However, the problem is that it’s too easy to make what should be a private bucket public, which means that anyone with an AWS account, and in some cases even anonymous users, can reach its contents one way or another. In 2018, Symantec found that 70 million buckets were accessible or had data stolen or leaked due to poor configuration.
Solution: Make sure, at the configuration stage, that an S3 bucket is private, or that permissions have been granted correctly to specific users or groups, especially if you’re storing anything sensitive in it. Implement AWS Identity Center for centralised access management and use Amazon Macie for automatic sensitive data discovery and protection.
#2: Accidentally making Amazon Machine Images (AMIs) public
Amazon Machine Images (AMIs) contain everything anyone would need to launch an Amazon Elastic Compute Cloud (EC2) instance. An AMI contains everything needed to replicate a server a company is already running in EC2 (e.g. the operating system, server software and applications).
Accidentally making an AMI public makes your company incredibly vulnerable to security threats and is unfortunately easy to do in error. A public AMI can be launched by anyone with an AWS account and may even be listed in the public AMI catalog, which could mean sensitive data ends up in the public domain.
Solution: At the configuration stage, making sure an AMI is set to private is the most effective way to avoid what could be a very expensive, embarrassing and time-consuming mistake and security error.
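The two exposure checks described under #1 and #2 can be run offline against the configuration documents AWS returns. The following is an added example, not code from the original article or from Pwrteams: it reads a bucket policy, a bucket ACL and an AMI launch-permission list shaped like the JSON that `aws s3api get-bucket-policy`, `aws s3api get-bucket-acl` and `aws ec2 describe-image-attribute --attribute launchPermission` return, and flags the grants that make the resource public. Every document below is constructed for the example; no AWS API is called.

```python
"""Flag public S3 bucket grants and public AMIs from their configuration JSON.
Added example; inputs are constructed, not pulled from a real account."""
import json

# Grantee URIs that make an S3 ACL readable by everyone / every AWS account.
PUBLIC_ACL_URIS = {
    "http://acs.amazonaws.com/groups/global/AllUsers",
    "http://acs.amazonaws.com/groups/global/AuthenticatedUsers",
}


def _as_list(value):
    """IAM policy elements may be a single string or a list; normalise to a list."""
    return value if isinstance(value, list) else [value]


def _principal_is_public(principal):
    """True for Principal "*" or {"AWS": "*"}, the two spellings of 'everyone'."""
    if principal == "*":
        return True
    if isinstance(principal, dict):
        return "*" in _as_list(principal.get("AWS", []))
    return False


def public_policy_statements(policy_json):
    """Sids of Allow statements that grant access to everyone with no Condition
    narrowing the grant (a conditioned public statement still needs human review)."""
    policy = json.loads(policy_json)
    findings = []
    for stmt in _as_list(policy.get("Statement", [])):
        if stmt.get("Effect") != "Allow":
            continue
        if _principal_is_public(stmt.get("Principal", {})) and "Condition" not in stmt:
            findings.append(stmt.get("Sid", "<no Sid>"))
    return findings


def public_acl_grants(acl):
    """Permissions the bucket ACL hands to the AllUsers/AuthenticatedUsers groups."""
    return [
        g["Permission"]
        for g in acl.get("Grants", [])
        if g.get("Grantee", {}).get("Type") == "Group"
        and g["Grantee"].get("URI") in PUBLIC_ACL_URIS
    ]


def ami_is_public(launch_permissions):
    """An AMI is public when its launch permissions include the 'all' group."""
    return any(p.get("Group") == "all" for p in launch_permissions)


# Constructed sample inputs (account id and bucket name are placeholders).
BUCKET_POLICY = json.dumps({
    "Version": "2012-10-17",
    "Statement": [
        {"Sid": "PublicRead", "Effect": "Allow", "Principal": "*",
         "Action": "s3:GetObject", "Resource": "arn:aws:s3:::example-bucket/*"},
        {"Sid": "TeamWrite", "Effect": "Allow",
         "Principal": {"AWS": "arn:aws:iam::111111111111:role/uploader"},
         "Action": "s3:PutObject", "Resource": "arn:aws:s3:::example-bucket/*"},
    ],
})
BUCKET_ACL = {"Grants": [
    {"Grantee": {"Type": "CanonicalUser", "ID": "owner-id"}, "Permission": "FULL_CONTROL"},
    {"Grantee": {"Type": "Group",
                 "URI": "http://acs.amazonaws.com/groups/global/AllUsers"},
     "Permission": "READ"},
]}
AMI_LAUNCH_PERMISSIONS = [{"Group": "all"}]  # what a public AMI reports

if __name__ == "__main__":
    print("public policy statements:", public_policy_statements(BUCKET_POLICY))
    print("public ACL grants:", public_acl_grants(BUCKET_ACL))
    print("AMI public:", ami_is_public(AMI_LAUNCH_PERMISSIONS))
```

Any non-empty result is a bucket or image that the article's solution says should have been kept private; enabling S3 Block Public Access at the account level makes the first two findings impossible to create in the first place.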
#3: Identity and Access Management (IAM) given too much control/access indirectly
With Identity and Access Management (IAM), users can set and grant, control and revoke access to AWS accounts and services. However, as one of the most common Amazon cloud issues, access can be set incorrectly, potentially giving the wrong users too much control, or access to sensitive data they shouldn’t have.
Solution: IAM permissions are an AWS cloud security best practice that should be monitored closely and reviewed by a trusted development and security partner, to ensure the right users have the correct permissions and security protocols are maintained within the Enterprise. Implement AWS IAM Access Analyzer to identify unintended resource access and use AWS Organizations with Service Control Policies (SCPs) for granular permission management.
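"Too much control" in #3 usually shows up in the policy document as wildcards. The following is an added example, not code from the original article or from AWS: a small linter that flags the patterns least-privilege reviews look for (Action `*`, service-wide `service:*`, write actions on Resource `*`, and `iam:PassRole` on every role). The rules are this example's own approximation of what IAM Access Analyzer's policy validation reports, and both policy documents are constructed.

```python
"""Lint IAM policy documents for grants broader than least privilege.
Added example; the policies below are constructed, not from a real account."""
import fnmatch
import json

READ_ONLY_PREFIXES = ("Get", "List", "Describe", "Head")


def _as_list(value):
    return value if isinstance(value, list) else [value]


def _is_read_only(action):
    # "s3:GetObject" -> "GetObject"; a bare "*" has no read-only interpretation
    name = action.split(":", 1)[1] if ":" in action else action
    return name.startswith(READ_ONLY_PREFIXES)


def lint_policy(policy_json):
    """Return (sid, reason) pairs for Allow statements that are overly broad."""
    policy = json.loads(policy_json)
    findings = []
    for stmt in _as_list(policy.get("Statement", [])):
        if stmt.get("Effect") != "Allow":
            continue
        sid = stmt.get("Sid", "<no Sid>")
        actions = _as_list(stmt.get("Action", []))
        resources = _as_list(stmt.get("Resource", []))
        if "*" in actions:
            findings.append((sid, "Action '*' grants every API in every service"))
            continue  # nothing more specific to say about this statement
        service_wildcards = [a for a in actions if a.endswith(":*")]
        if service_wildcards:
            findings.append((sid, f"service-wide wildcard {service_wildcards}"))
        if "*" in resources:
            writes = [a for a in actions if not _is_read_only(a)]
            if writes:
                findings.append((sid, f"write actions {writes} on Resource '*'"))
            if any(fnmatch.fnmatch("iam:PassRole", a) for a in actions):
                findings.append((sid, "iam:PassRole on Resource '*' allows passing any role"))
    return findings


# Constructed samples: the kind of policy the article warns about, and a
# scoped alternative for a principal that only needs to read one bucket.
BROAD_POLICY = json.dumps({"Version": "2012-10-17", "Statement": [
    {"Sid": "DoEverything", "Effect": "Allow", "Action": "*", "Resource": "*"},
    {"Sid": "AllOfS3", "Effect": "Allow", "Action": "s3:*", "Resource": "*"},
]})
SCOPED_POLICY = json.dumps({"Version": "2012-10-17", "Statement": [
    {"Sid": "ReadOneBucket", "Effect": "Allow",
     "Action": ["s3:GetObject", "s3:ListBucket"],
     "Resource": ["arn:aws:s3:::example-bucket", "arn:aws:s3:::example-bucket/*"]},
]})

if __name__ == "__main__":
    for sid, reason in lint_policy(BROAD_POLICY):
        print(f"{sid}: {reason}")
    print("scoped policy findings:", lint_policy(SCOPED_POLICY))
```

The linter is deliberately conservative: it only reads Allow statements and never tries to reason about Deny statements or Conditions, so a clean result means "nothing obviously wide open", not "least privilege achieved".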
#4: CloudTrail logging disabled or not enabled
Amazon CloudTrail tracks and monitors every API call made against your account. It records every call and delivers the log files to the S3 bucket you designate. Unfortunately, this is a service that too many users either disable or fail to enable, which means you never know where API requests are being made from. As AWS cloud security concerns go, this is a serious one, because you could be under a DDoS attack without realising it, and not know where the attack is coming from.
Solution: Enable AWS CloudTrail Lake for long-term, immutable log storage and implement AWS Security Hub for centralized security alerts and compliance checks.
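The value of an enabled trail is only realised when something reads the records. The following is an added example, not code from the original article or from AWS: it checks a trail's configuration for the settings that leave gaps (not logging, single-region, no log file validation) and then runs two detections over a log file: API calls that would blind the trail itself, and calls from source addresses outside a known allow-list. The records follow the CloudTrail JSON field names (`eventName`, `eventSource`, `sourceIPAddress`, `userIdentity`) but are constructed for the example, and the allow-listed CIDR is an assumption you would replace with your own egress ranges.

```python
"""Check CloudTrail trail settings and detect trail tampering / unknown callers.
Added example; the trail description, status and records are constructed."""
import ipaddress
import json

# API calls that disable, delete or narrow a trail: each deserves an alert.
TRAIL_TAMPERING = {"StopLogging", "DeleteTrail", "UpdateTrail", "PutEventSelectors"}

# Assumed corporate egress range (documentation prefix); replace with yours.
KNOWN_SOURCES = [ipaddress.ip_network("203.0.113.0/24")]


def trail_config_findings(trail, status):
    """Gaps in a DescribeTrails entry plus its GetTrailStatus result."""
    findings = []
    if not status.get("IsLogging"):
        findings.append("trail is not logging")
    if not trail.get("IsMultiRegionTrail"):
        findings.append("single-region trail misses activity in other regions")
    if not trail.get("LogFileValidationEnabled"):
        findings.append("log file validation off; digests are what prove integrity")
    return findings


def _from_known_source(ip_text):
    try:
        ip = ipaddress.ip_address(ip_text)
    except ValueError:
        # AWS services calling on your behalf appear as e.g. "cloudformation.amazonaws.com"
        return ip_text.endswith(".amazonaws.com")
    return any(ip in net for net in KNOWN_SOURCES)


def analyse_records(log_json):
    """Return alert strings for one CloudTrail log file ({"Records": [...]})."""
    alerts = []
    for rec in json.loads(log_json)["Records"]:
        who = rec.get("userIdentity", {}).get("arn", "unknown")
        name = rec.get("eventName", "")
        if rec.get("eventSource") == "cloudtrail.amazonaws.com" and name in TRAIL_TAMPERING:
            alerts.append(f"TRAIL_TAMPERING {name} by {who}")
        source = rec.get("sourceIPAddress", "")
        if not _from_known_source(source):
            alerts.append(f"UNKNOWN_SOURCE {source} {name} by {who}")
    return alerts


# Constructed samples (account id is a placeholder).
TRAIL = {"Name": "org-trail", "IsMultiRegionTrail": True, "LogFileValidationEnabled": False}
STATUS = {"IsLogging": True}
SAMPLE_LOG = json.dumps({"Records": [
    {"eventTime": "2025-01-16T10:00:00Z", "eventSource": "s3.amazonaws.com",
     "eventName": "ListBuckets", "sourceIPAddress": "203.0.113.10",
     "userIdentity": {"arn": "arn:aws:iam::111111111111:user/alice"}},
    {"eventTime": "2025-01-16T10:05:00Z", "eventSource": "cloudtrail.amazonaws.com",
     "eventName": "StopLogging", "sourceIPAddress": "198.51.100.7",
     "userIdentity": {"arn": "arn:aws:iam::111111111111:user/alice"}},
    {"eventTime": "2025-01-16T10:06:00Z", "eventSource": "ec2.amazonaws.com",
     "eventName": "RunInstances", "sourceIPAddress": "cloudformation.amazonaws.com",
     "userIdentity": {"arn": "arn:aws:iam::111111111111:role/deploy"}},
]})

if __name__ == "__main__":
    print("config:", trail_config_findings(TRAIL, STATUS))
    for alert in analyse_records(SAMPLE_LOG):
        print(alert)
```

In the sample, the `StopLogging` call produces two alerts (it tampers with the trail and it comes from an unknown address), which is the kind of signal the article's CloudTrail Lake and Security Hub recommendation is meant to surface.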
#5: S3 buckets logging disabled, or not enabled
Similar to the above AWS security problem: if S3 bucket logs aren’t enabled, or have been disabled, then you’ve got a potentially serious security weakness within your AWS account(s).
Solution: Use S3 Intelligent-Tiering for cost-effective, automatic data lifecycle management and regularly run S3 Storage Lens for data protection insights.
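What S3 server access logging (issue #5) actually gives you is one line per request, including the requester field, which is `-` for anonymous requests. The following is an added example, not code from the original article or from AWS: a parser for the leading fields of the S3 server access log format, with two detections on top of it: successful anonymous object reads (direct evidence that a bucket is public) and a per-address count of `403` responses (repeated denials from one address are worth a look). The log lines are constructed to follow the documented field order and are not from a real bucket.

```python
"""Parse S3 server access log lines and flag anonymous reads / repeated denials.
Added example; the log lines are constructed."""
import re
from collections import Counter

# Leading fields of the S3 server access log format, in documented order:
# owner bucket [time] remote_ip requester request_id operation key "request_uri"
# http_status error_code bytes_sent ...  (remaining fields are not needed here)
LOG_RE = re.compile(
    r'^(?P<owner>\S+) (?P<bucket>\S+) \[(?P<time>[^\]]+)\] (?P<ip>\S+) '
    r'(?P<requester>\S+) (?P<request_id>\S+) (?P<operation>\S+) (?P<key>\S+) '
    r'"(?P<uri>[^"]*)" (?P<status>\S+) (?P<error>\S+) (?P<bytes>\S+)'
)


def parse_line(line):
    """Return the leading fields as a dict, or None for a line that does not parse."""
    m = LOG_RE.match(line)
    return m.groupdict() if m else None


def findings(log_text):
    """Anonymous successful reads and 403 counts per remote address."""
    anonymous_reads = []
    denied_by_ip = Counter()
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None:
            continue
        if (rec["requester"] == "-" and rec["status"] == "200"
                and rec["operation"].startswith("REST.GET")):
            anonymous_reads.append((rec["ip"], rec["key"]))
        if rec["status"] == "403":
            denied_by_ip[rec["ip"]] += 1
    return {"anonymous_reads": anonymous_reads, "denied_by_ip": dict(denied_by_ip)}


# Constructed sample: an authenticated read, an anonymous read of the same
# object, and a denied anonymous read of another key, all from documentation IPs.
SAMPLE_LOGS = """\
ownerhash example-bucket [16/Jan/2025:10:00:01 +0000] 203.0.113.10 arn:aws:iam::111111111111:user/alice REQ1 REST.GET.OBJECT reports/q4.pdf "GET /example-bucket/reports/q4.pdf HTTP/1.1" 200 - 524288 524288 45 12 "-" "aws-cli/2.15" - host1 SigV4 ECDHE-RSA-AES128-GCM-SHA256 AuthHeader example-bucket.s3.eu-west-1.amazonaws.com TLSV1.2 - -
ownerhash example-bucket [16/Jan/2025:10:03:17 +0000] 198.51.100.7 - REQ2 REST.GET.OBJECT reports/q4.pdf "GET /example-bucket/reports/q4.pdf HTTP/1.1" 200 - 524288 524288 60 20 "-" "curl/8.4" - host2 - - - example-bucket.s3.eu-west-1.amazonaws.com TLSV1.2 - -
ownerhash example-bucket [16/Jan/2025:10:04:02 +0000] 198.51.100.7 - REQ3 REST.GET.OBJECT internal/report.csv "GET /example-bucket/internal/report.csv HTTP/1.1" 403 AccessDenied - - 5 - "-" "curl/8.4" - host3 - - - example-bucket.s3.eu-west-1.amazonaws.com TLSV1.2 - -
not a log line
"""

if __name__ == "__main__":
    result = findings(SAMPLE_LOGS)
    print("anonymous reads:", result["anonymous_reads"])
    print("403s per address:", result["denied_by_ip"])
```

Without logging enabled, the anonymous `200` on `reports/q4.pdf` in the second line would have left no trace at all, which is the weakness the section describes.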
#6: Not enough IP addresses enabled within a Virtual Private Cloud (VPC)
Within Virtual Private Cloud (VPC) infrastructures, and the VPNs that connect to them, administrators need to allocate enough IP addresses so that everyone who needs access to the VPN or VPC can get it. Allocating too many open addresses can be a weakness in itself, but not allocating enough might mean those who need additional security can’t get into the VPN.
Solution: IT and cloud admins need to ensure any VPC or VPN environment is configured according to who needs access, with the relevant permissions and security monitoring in place, so that nothing contained in or transmitted through the VPN is made public. Implement AWS Network Firewall for centralised network protection and use AWS PrivateLink for secure service access.
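Getting the address count right in #6 is arithmetic that is easy to get wrong, because AWS reserves five addresses in every subnet (the network address, the VPC router, the DNS resolver, one held for future use and the broadcast address), so a /28 yields only 11 usable hosts. The following is an added example, not code from the original article or from AWS: it computes usable addresses per subnet, the smallest prefix that fits a host count, and checks a subnet plan against a VPC CIDR for fit, overlap and headroom. The VPC CIDR and host counts are constructed for the example.

```python
"""Size VPC subnets with AWS's five reserved addresses taken into account.
Added example; the VPC CIDR and subnet plan are constructed."""
import ipaddress

AWS_RESERVED_PER_SUBNET = 5
VPC_MIN_PREFIX, VPC_MAX_PREFIX = 16, 28  # AWS VPC and subnet CIDRs must be /16 .. /28


def usable_hosts(cidr):
    """Addresses left for instances after AWS's reserved five."""
    net = ipaddress.ip_network(cidr, strict=True)
    return net.num_addresses - AWS_RESERVED_PER_SUBNET


def smallest_prefix_for(hosts):
    """Longest prefix (smallest subnet) that still leaves `hosts` usable addresses."""
    for prefix in range(VPC_MAX_PREFIX, VPC_MIN_PREFIX - 1, -1):
        if 2 ** (32 - prefix) - AWS_RESERVED_PER_SUBNET >= hosts:
            return prefix
    raise ValueError("more hosts than a single /16 subnet can hold")


def check_plan(vpc_cidr, plan):
    """plan maps subnet CIDR -> hosts it must serve. Returns problems (empty = OK)."""
    vpc = ipaddress.ip_network(vpc_cidr, strict=True)
    problems = []
    seen = {}
    for cidr, hosts in plan.items():
        net = ipaddress.ip_network(cidr, strict=True)
        if not VPC_MIN_PREFIX <= net.prefixlen <= VPC_MAX_PREFIX:
            problems.append(f"{cidr}: prefix must be between /16 and /28")
        if not net.subnet_of(vpc):
            problems.append(f"{cidr}: not inside VPC {vpc_cidr}")
        if usable_hosts(cidr) < hosts:
            problems.append(f"{cidr}: only {usable_hosts(cidr)} usable addresses for "
                            f"{hosts} hosts (needs at least a /{smallest_prefix_for(hosts)})")
        for other_cidr, other in seen.items():
            if net.overlaps(other):
                problems.append(f"{cidr}: overlaps {other_cidr}")
        seen[cidr] = net
    return problems


# Constructed plan with one undersized subnet, one overlap and one outside the VPC.
VPC_CIDR = "10.0.0.0/16"
PLAN = {
    "10.0.0.0/24": 200,   # fits: 251 usable
    "10.0.1.0/28": 20,    # too small: 11 usable
    "10.0.1.0/25": 50,    # overlaps the /28 above
    "10.1.0.0/24": 10,    # outside 10.0.0.0/16
}
GOOD_PLAN = {"10.0.0.0/24": 200, "10.0.1.0/27": 20}

if __name__ == "__main__":
    for problem in check_plan(VPC_CIDR, PLAN):
        print(problem)
    print("good plan:", check_plan(VPC_CIDR, GOOD_PLAN))
```

Running the planner before creating subnets avoids both failure modes the section names: subnets that run out of addresses, and oversized ranges that are more exposure than needed.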
#7: Network Access Control List (NACL) allowing too much inbound traffic
A Network Access Control List (NACL) is another optional layer of AWS security that can control traffic in and out of a subnet within a network, such as a VPC or VPN. Another worrying AWS security concern is that if access is configured the wrong way, you could give anyone access (especially if NACL rule #100 is accidentally set too broadly), thereby creating a major security issue.
Solution: Make sure this is configured the right way, and always monitor access and traffic.
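The "rule #100" problem in #7 comes from how NACLs are evaluated: rules are checked in ascending rule-number order, the first match wins, and the implicit final `*` rule denies, so a low-numbered allow-all rule silences every rule after it. NACLs are also stateless, so return traffic needs its own rules. The following is an added example, not code from the original article or from AWS: it evaluates an inbound rule set the way the VPC does and flags allow-all rules, contrasting a default-style rule set with a tightened one. Both rule sets are constructed for the example; the administrative source range is an assumption.

```python
"""Evaluate VPC network ACL inbound rules: ascending order, first match wins,
implicit deny at the end. Added example; rule sets are constructed."""
import ipaddress

# Rule tuple: (number, protocol, cidr, from_port, to_port, action); protocol "-1" = all.


def _matches(rule, protocol, src_ip, port):
    _number, rproto, cidr, lo, hi, _action = rule
    if rproto != "-1" and rproto != protocol:
        return False
    if ipaddress.ip_address(src_ip) not in ipaddress.ip_network(cidr):
        return False
    if rproto != "-1" and not lo <= port <= hi:
        return False
    return True


def evaluate(rules, protocol, src_ip, port):
    """Return (action, rule_number) of the first matching rule, or ("deny", "*")."""
    for rule in sorted(rules, key=lambda r: r[0]):
        if _matches(rule, protocol, src_ip, port):
            return rule[5], rule[0]
    return "deny", "*"


def allow_all_rules(rules):
    """Numbers of allow rules that admit every protocol from every address."""
    return [r[0] for r in rules
            if r[5] == "allow" and r[1] == "-1" and r[2] == "0.0.0.0/0"]


# Constructed rule sets. The first mirrors the shape of a default NACL plus a
# later deny that never fires; the second admits only what the subnet serves.
DEFAULT_STYLE = [
    (100, "-1", "0.0.0.0/0", 0, 65535, "allow"),   # allow everything, first
    (110, "tcp", "0.0.0.0/0", 22, 22, "deny"),     # unreachable: 100 already matched
]
TIGHTENED = [
    (100, "tcp", "0.0.0.0/0", 443, 443, "allow"),       # public HTTPS
    (110, "tcp", "203.0.113.0/24", 22, 22, "allow"),    # SSH from the assumed admin range only
    (120, "tcp", "0.0.0.0/0", 1024, 65535, "allow"),    # ephemeral ports for replies (stateless)
]

if __name__ == "__main__":
    print("default-style, SSH from unknown host:", evaluate(DEFAULT_STYLE, "tcp", "198.51.100.7", 22))
    print("tightened, SSH from unknown host:   ", evaluate(TIGHTENED, "tcp", "198.51.100.7", 22))
    print("tightened, SSH from admin range:    ", evaluate(TIGHTENED, "tcp", "203.0.113.5", 22))
    print("allow-all rules:", allow_all_rules(DEFAULT_STYLE), allow_all_rules(TIGHTENED))
```

The `allow_all_rules` check is the one to run across every NACL in an account: a non-empty result means the subnet's effective policy is whatever its security groups allow, and the NACL adds nothing.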
AWS has created one of the most secure, flexible and configurable sets of cloud-based storage solutions in the world. But at the same time, there are many security concerns when it comes to AWS, and most of them come down to the way users configure accounts, access, network permissions, and numerous other settings.
Emerging AWS Security Considerations for 2025
As cloud environments grow more complex, staying ahead of security trends is critical. Here are key considerations for 2025:
- Container Security: Use Amazon ECR image scanning and follow Amazon EKS security best practices.
- Serverless Security: For Lambda functions, use AWS Lambda function URLs with IAM authorisation.
- AI/ML Security: Implement Amazon SageMaker security best practices and ensure responsible use of AWS AI services.
- Zero Trust: Adopt AWS Zero Trust architecture principles across your entire AWS environment.
By addressing these considerations and applying best practices, businesses can maintain robust security in a rapidly evolving cloud landscape.
AWS provides secure, flexible, and configurable cloud solutions, but misconfigurations can lead to significant vulnerabilities. With Pwrteams, you gain a trusted partner to optimise and secure your AWS environment. Whether you need to fortify your existing systems or prevent future breaches, our dedicated experts are here to help.
Take the first step towards a secure AWS infrastructure. Talk to us today!