While a public cloud environment does come with inherent risks, it can also offer tremendous benefits. CloudCheckr recently released a white paper on the top 10 AWS Misconfigurations, of which we have chosen to highlight the top few. Read on to hear some of the most common public cloud pitfalls and how to avoid them.


When considering a cloud migration, the protection of your data is probably the first thing on your mind. One of the most common AWS misconfigurations according to CloudCheckr is having insecure APIs, and more specifically incorrect password use or encryption. While AWS does do password checks, customers must be diligent to ensure that they are enabled and that there haven’t been compromises. They also recommend routinely changing your password and designing a password beyond the minimum default 6-character minimum, which also requires more extensive set-up as they are not automatically enabled. CloudCheckr also touches on the importance of data ingress and egress encryption in AWS S3. Leveraging a third party resource to automate regular password and encryption checks might make it easier for businesses using AWS to have peace of mind.

Cost Control

The second biggest concern with AWS is cost control.  One of the biggest hidden drivers of cost can be vendor transparency – or a lack thereof. Factoring in exactly what questions to ask a vendor, or knowing exactly what you want out of your cloud environment, can keep you from feeling short-changed on services that the vendor offers or hidden costs that may be incorporated into their services. Another way to avoid a budget pitfall? Consider what the integration with your existing infrastructure will consist of. Developing a strategy prior to integration could save you from a drawn out timeline and increased budget when the IT team or cloud vendor you’re working with undoubtedly run into bumps in the road.

Something to watch out for once you have chosen a vendor, and even implemented your new cloud environment, are silent budget killers like unused resources. At the beginning of your implementation process, you may set up a default environment, or even an environment extremely tailored to your needs at that time. However, needs for storage and processing quickly change and adapt over time, and it is important for your environment to evolve to keep up with these changes. Services or resources that were originally set up in your environment that lose their usefulness must be purged regularly, or they will drive up your periodic cost. A related issue to watch out for are previous generation resources or resources that haven’t been regularly updated. If your needs are evolving, but the tools you are using are not being regularly updated, you will sacrifice efficiency. By making sure all of your services are regularly updated, you can reach peak utility which will translate into the best cost benefit for you.

How We Can Help

Implementing a migration to AWS, or any new cloud environment from top to bottom, is a large undertaking for most customers, and can quickly become overwhelming. Utilizing a managed cloud provider can save money in the long run, ensure data security and backup, and help with a smooth integration between platforms. At NEF, we work with a variety of cloud integration partners and can provide customers with a variety of options based on the best fit for their needs and budget. If you are interested in moving to the cloud, or need help redesigning your current environment, contact us today.

Related Articles

What Did Google Fiber Teach Us?

Since Google’s 2010 announcement of its plan to wire at least 50,000 homes with fiber connections, Google Fiber has not been delivering the way that many hoped that…

Entering the Asian Data Center Market

  By Tom Duncan Executive Director of Data Centers Asia Pac CBRE Pte. Ltd.   Asia encompasses some of the largest globally connected economies, as well as many…

International 5G Testing a Success: How Will it Play Out for Businesses?

Earlier this month Vodafone UK, Ericcson, and Kings College partnered to conduct a 5G test in Central London. This was the first test of 5G where it didn’t…