Difference between revisions of "Securing OpenEMR - AWS"
From OpenEMR Project Wiki
Line 11: | Line 11: | ||
== Secure Your Domain (Optional - Route53) == | == Secure Your Domain (Optional - Route53) == | ||
* This is a guide for securing your domain if you registered it via AWS's Route53. If you did not, some of the concepts still apply and you are encouraged to implement where ever your domain is registered. | |||
* There are 3 important records for securing a domain: SPF, DKIM, and DMARC. | |||
---- | |||
* The most important is SPF. To implement SPF: | |||
** xyz, xyz xyz | |||
* Implement DKIM: | |||
** xyz | |||
* Implement DMARC: | |||
** xyz | |||
== Configure Logging (CloudTrail) == | == Configure Logging (CloudTrail) == |
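Review bot: the sub-bullets added under "To implement SPF:", "Implement DKIM:" and "Implement DMARC:" are all literal "xyz" placeholders, so the new section tells readers to set up three records without giving a single step. Fill in the Route53 steps for each record, or hold the section back until they exist. The "----" rule between "There are 3 important records" and the SPF bullet splits one list in two and can be dropped, and "where ever" in the first bullet should read "wherever".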
Revision as of 21:15, 14 November 2018
Background
- Please feel free to ask security questions and get very quick feedback via our chat system
- BY FAR THE MOST IMPORTANT THING YOU CAN DO is enable 2FA for your AWS account
Account
- Setting up 2FA
- AWS provides excellent instructions for setting up 2FA here.
- This will require you to enter a code from an app on your phone after inputting your password. Apps such as Duo or Google Authenticator are recommended for generating the code.
- Billing Estimates
- Other Account Tasks
Secure Your Domain (Optional - Route53)
- This is a guide for securing your domain if you registered it via AWS's Route53. If you did not, some of the concepts still apply, and you are encouraged to implement them wherever your domain is registered.
- There are 3 important records for securing a domain: SPF, DKIM, and DMARC.
- The most important is SPF. To implement SPF:
  - xyz, xyz xyz
- Implement DKIM:
  - xyz
- Implement DMARC:
  - xyz
Configure Logging (CloudTrail)
Configure Your Network (VPC)
- Flow Logs
- Security Group rules
Monitor Cyber Attacks (GuardDuty)
- xyz
Create a Load Balancer (EC2)
- Application Load Balancer
Set up a Firewall (WAF)
- xyz