performance-dashboard-on-aws

Security and Your Responsibility

Security and compliance is a shared responsibility between AWS and the customer. AWS is responsible for protecting the infrastructure that runs the AWS services used by Performance Dashboard on AWS (PDoA). The customer is responsible for securing their customer content using the security controls available with PDoA and the underlying AWS services it’s built on. Out of the box, PDoA is secured through controls such as:

To further minimize application security risks, we recommend you follow the guidelines outlined in the sections below.

Securing AWS Account

Customers run Performance Dashboard on AWS in their own AWS accounts. Customers are responsible for securing their accounts and resources according to AWS best practices.

Limit Access to Administrative Functions

To create dashboards and perform other administrative functions, a user must be granted the Editor role and authenticate in order to access the Performance Dashboard on AWS. To reduce the threat of attackers from outside your organization attempting to login, you can block access to the /admin path to only come from your on-premises network.

Publish data responsibly

You are responsible for the data you choose to use with your dashboards, where they are hosted, and who has access to them. You should not use data with PII and PHI information to display in public dashboards.