SEC09-BP04 Authenticate network communications
Verify the identity of communications by using protocols that support authentication, such as Transport Layer Security (TLS) or IPsec.
Using network protocols that support authentication, allows for trust to be established
between the parties. This adds to the encryption used in the protocol to reduce the risk of
communications being altered or intercepted. Common protocols that implement authentication
include Transport Layer Security (TLS), which is used in many AWS services, and IPsec, which
is used in AWS Virtual Private Network (AWS VPN)
Level of risk exposed if this best practice is not established: Low
Implementation guidance
-
Implement secure protocols: Use secure protocols that offer authentication and confidentiality, such as TLS or IPsec, to reduce the risk of data tampering or loss. Check the AWS documentation for the protocols and security relevant to the services you are using.
Resources
Related documents: