2) Security

• Ability to protect data, systems, and assets to take advantage of cloud technologies to improve your security.

Design Principles:

• Implement a strong identity foundation: Centralize identity manage and use the principle of least privilege.

• Enable traceability: Track logs and metrics and if anything is suspicious, take action immediately.

• Apply security at all layers: Apply security everywhere (edge of network, VPC, load balancing, every instance and compute service, operating system, application, and code).

• Automate security best practices

• Protect data in transit and at rest: Use encryption, tokenization, and access control where appropriate.

• Keep people away from data: Reduce or eliminate the need for direct access or manual processing of data.

• Prepare for security events: Do incident response simulations and use tools with automation to increase your speed for detection, investigation, and recovery.