From a developer perspective, the endpoint that RDS provides for a database instance is nothing more than a URL, which means that you can use the same techniques that you use for any online data. This consideration also applies to any administrator tools used for private data. Administrators must consider the following issues as part of the application migration:
- Verify that a connection works before attempting to use it to perform tasks on the data.
- Assume that the connection will go down at some point, so make sure to verify that the connection is still present before each task.
- Assume that someone will hack your data, no matter what security precautions you take, because the data is now available in a public venue (so have a recovery plan in place).
- Ensure that security measures work as anticipated so that every user group can access the data within the boundaries set by company policy.
- Define security policies for working with data in a public venue that address social hacking issues.
- Consider legal and privacy requirements before moving the data.
- Develop a plan for dealing with sensitive data that inadvertently makes it to your hosted database rather than staying on the local network or on a specific machine.