You moved to AWS so now you’re perfectly secure. Nope. In the latest facepalm-invoking security snafu, a misconfigured AWS bucket managed by a Walmart partner exposed 1.3 million customers’ private data to the Internet.
Moral of the story: The cloud is good, but you still have to implement secure concepts such as least privilege, risk management, and access control. And heck, while you’re at it, how about addressing third-party vendor management?
Remember, the cloud is just your data in somebody else’s closet. Their closet doesn’t have magical powers to lock things down. You still have to do the dirty work of securing the data, regardless of in whose closet you choose to put your data.