Axient Blog

LastPass and AWS to secure the Cloud

Digital transformation is rippling through the business landscape, and it’s not hard to see why. Cloud technology replaces heavy on-premise hardware, lowers operational costs, and allows you to scale your business instantly.

While the benefits of transitioning to the cloud are plentiful and obvious, there is a downside – the increased attack surface makes you more vulnerable to data breaches.

But this problem is very simple to mitigate, and I’d like to teach you how to do it with the world’s most popular cloud platform – Amazon Web Services.

The key to a successful security strategy is to focus efforts on the primary attack vector in cloud technology – user accounts.

80% of data breaches are due to poor passwords – this is why account security should be your primary concern.

Fortunately, AWS user accounts are very easy to protect with LastPass. Here’s how you do it:

Step 1 – Add the SSO App to LastPass Step 2 – Log into AWS as an administrator and create a new identity provider Step 3 – Select “SAML” as the provider Step 4 – Enter LastPass as the Provider Name and upload its metadata Step 5 – Create a new role within AWS and select SAML 2.0 as the trusted entity Step 6 – Set LastPass as the SAML provider Step 7 – Select all relevant policies and specify a role name Step 8 – Log back into the LastPass admin console and select “Set up LastPass” Step 9 – Under Service Provider, paste the following URL in the ACS field: https://signin.aws.amazon.com/saml Step 10 – Expand the Custom Attributes section and paste the following information:

– Attribute 1: Constant Value – SAML Attribute name: https://aws.amazon.com/SAML/Attributes/Role – Constant value: Role ARN copied from AWS dashboard + , + Trusted Entity copied from AWS dashboard – Example: arn:aws:iam::*****role/admin,arn:aws:iam::*****saml-provider/identity.lastPass

If you’d like a detailed breakdown of each step, let me know in the comments and I’ll send over a tutorial.

Because most data breaches are caused by compromised accounts, by implementing LastPass, you’ll significantly reduce the risk of becoming a data breach statistic.

Are you concerned about the security risks associated with digital transformation? I’d love to know your thoughts.

Share it