Organizations challenged with a shortage of IT resources or little time to harden their systems know how difficult it can be to stay secure in a world where cyber threats are ever-present. In fact, organizations saw 50% more weekly cyber-attacks in 2021, according to Check Point Software.
By computing on Amazon Web Services (AWS) Cloud, you will benefit from AWS data centers and a network architected to protect your information, identities, applications, and devices. But if your organization is unfamiliar with or new to utilizing cloud services, you may need help understanding what your security responsibilities are. Keep reading to learn how the Center for Internet Security (CIS) resources like CIS Hardened Images and newly available free trials, can help your organization take ownership of your security responsibility on AWS Cloud.
A key component to understanding security on AWS Cloud is the AWS Shared Responsibility Model. This model draws a line between the security responsibilities for the customer and AWS. For example, it explains that AWS is responsible for protecting the infrastructure that runs all of the services offered on AWS cloud. In contrast, if you were to execute similar workloads on-premise, the security responsibility would be completely yours.
Thus, a natural first step to embracing cloud computing is to understand and take ownership of your security responsibility. If your organization also lacks time or staff to devote to security, you'll likely need help. That's why free and low-cost cybersecurity resources can be crucial to strengthening your organization's cyber defense. To help with this effort, CIS now offers free trials for several CIS Hardened Images, pre-configured virtual machine images, in AWS Marketplace.
Before detailing what a CIS Hardened Image is, it's important to get familiar with the standards they're built to — the CIS Benchmarks. The CIS Benchmarks are secure configuration guidelines available for more than 100 technologies in 25+ vendor product families. CIS leads a global community of cybersecurity experts that build these best practices with a unique consensus-based process. CIS Benchmarks include a step-by-step checklist on how to apply each configuration recommended for that system. Most importantly, the recommendation also includes a rationale for why that configuration is important for a particular system. So, CIS Benchmarks aren't just about providing guidance. They're built to offer instructions and education on securing the systems you use.
To create a CIS Hardened Image, CIS cloud architects configure the CIS Benchmark recommendations for a Linux, Windows Server, or Apple operating system (OS) into an Amazon Machine Image (AMI). That image is then run through our CIS Configuration Assessment Tool (CIS-CAT Pro) to assess conformance to the Benchmark's recommendations. Within every CIS Hardened Image, CIS includes this assessment report. So, you'll be able to easily see what configurations are (or are not) in the image, and more importantly, why. Lastly, they're available for easy and affordable access in AWS Marketplace for $0.02 per compute hour.
Now you understand the basics of CIS Hardened Images, but why use them? Various regulatory frameworks recognize the CIS Benchmarks as an acceptable standard to meet compliance, and because the Hardened Images include those standards, this recognition extends to them. Thus, they can help with compliance toward frameworks like PCI DSS, NIST, FedRAMP, DoD Cloud Computing SRG, HIPAA, and more.
CIS Hardened Images also provide:
CIS Hardened Images are an affordable resource for hardening your virtual machine images. If you're considering using CIS Hardened Images, we're excited to let you know that free trials are available for the images listed below in AWS Marketplace! You can utilize a free trial for one CIS Hardened Image instance for 30 days. There will be no software charges for that instance, but AWS infrastructure charges will still apply. Keep in mind, free trials will automatically convert to a paid subscription upon expiration, and fees for additional usage above the free units provided will apply.
Head over to AWS Marketplace now to explore these free trials:
Operating in the cloud has many benefits. One of the most valuable is taking some of the security responsibility off of your plate. However, for the components of security you are responsible for, utilizing known security controls is a smart start. Operating on a CIS Hardened Image can save you countless hours of manually hardening your operating system. Take advantage of free trials for select Images in AWS Marketplace today.