Check your Elastic Load Balancers (ELBs) listener for secure configurations. Cloud Conformity recommends using HTTPS or SSL protocols to encrypt the communication between the client and your load balancers.
When an ELB has no listener configured to use secure protocols like HTTPS or SSL, the front-end connection between the client and the load balancer is vulnerable to eavesdropping and man-in-the-middle (MITM) attacks. The risk becomes even higher when transmitting sensitive private data such as credit card numbers. If your ELBs are not using secure listeners (HTTPS or SSL), apply the information provided in this guide (see Remediation/Resolution section) to update their configuration.
To determine if your load balancers are using secure listeners, perform the following:
To secure the connection between the client and the load balancer, update each ELB configuration to use listeners with HTTPS or SSL protocols (an X.509 SSL certificate is required). To implement HTTPS / SSL for your ELBs front-end listeners, perform the following: