Implementation of Defense In Depth and IAM Best Practices Based on Segmented VPC Architecture Using Amazon Web Services (AWS) for Small Business Network Security

Abstract

This study presents the design, implementation, and validation of a cloud security architecture on Amazon Web Services (AWS) that integrates Defense in Depth strategies with Identity and Access Management (IAM) Best Practices, tailored for small and medium-sized enterprises (SMEs). Using the AWS Free Tier, an experimental cloud infrastructure was constructed to evaluate the effectiveness of multi-layered protection encompassing network segmentation, least-privilege access control, and real-time monitoring. The architecture employed a segmented Virtual Private Cloud (VPC) with public and private subnets, controlled by Security Groups (SGs) and Network Access Control Lists (NACLs), while IAM policies and Multi-Factor Authentication (MFA) enforced identity-level security. Centralized monitoring through CloudTrail and CloudWatch enabled anomaly detection and event logging with high accuracy. Test results showed that unauthorized access was effectively blocked, suspicious activities were detected promptly, and all administrative actions were recorded reliably. The findings indicate that combining layered network defenses and IAM governance significantly enhances the resilience, visibility, and security posture of SMEs adopting AWS environments. Beyond its technical effectiveness, the model offers scalability, auditability, and cost-efficiency—demonstrating that enterprise-grade protection can be achieved even within the resource constraints of SMEs. Future work is encouraged to integrate automation and advanced AWS tools such as GuardDuty and Config to strengthen real-world adaptability and compliance.

How to Cite

Asrori, M. U. H., & Said, F. (2025). Implementation of Defense In Depth and IAM Best Practices Based on Segmented VPC Architecture Using Amazon Web Services (AWS) for Small Business Network Security. Journal Innovations Computer Science, 4(2), 230-241. https://doi.org/10.56347/jics.v4i2.318

Article Details

  • Volume: 4
  • Issue: 2
  • Pages: 230-241
  • Published:
  • Section: Article
  • Copyright: 2025
  • ISSN: 2961-970X

License

Articles in this journal are published under the Creative Commons Attribution Licence (CC-BY 4.0). This means that users may share and adapt the articles published on this website in a reasonable manner, but they must give appropriate credit to the creator and indicate the changes they have made. Users must not apply additional restrictions, but must publish the work under the same license (CC-BY 4.0).
