Migrating an existing enterprise application to the Amazon Web Services (AWS) cloud can provide security advantages, but it requires close collaboration with AWS and ongoing engagement to ensure a secure environment. The cloud provider has expertise in security that should inform an organization's basic security strategy for its cloud migration initiatives. Using tools and processes provided by AWS, building security considerations into the migration process from planning forward, and understanding and following vendor best-practice recommendations are key. Some organizations may rely on "lift-and-shift" migrations, which can be a quick and inexpensive way to start a phased cloud strategy but also raise security concerns. Mitigating these risks involves selecting security tools and best practices, such as using an AWS Virtual Private Cloud (VPC) and understanding where and how to apply AWS security capabilities without refactoring. Additionally, critical security fundamentals like least privilege, logging, and layered security processes should be maintained during and after a migration. When modernizing an application for the cloud, leveraging the AWS Well-Architured Framework and choosing tools that enable visibility are also essential.