Workload Security runs on Amazon Linux. The Workload Security team has hardened it
based on the Center for Internet Security (CIS) standard for Amazon Linux.
Hardening involves making changes to secure the system and make it less vulnerable
to attack. For Workload Security, the changes included updating the web installer
so that it terminates after Workload Security is online, removing unnecessary software,
and configuring system settings to use the principal of least privilege, wherever
it is applicable.
Additionally, you can do the following:
- Enforce user password rules (in Identity and Account Management)
- Set up multi-factor authentication (in Identity and Account Management)
- Manage trusted certificates
- SSL implementation and credential provisioning