...
Wherever possible, use encrypted and secure communication protocols to avoid man in the middle attacks; this is when someone get access to your communications and can read the data going through like in a public WIFI. For example: do not use HTTP, use instead HTTPS. Do not use FTP to transfer files, use instead FTPS, SFTP or S3.
If you need a web certificate for your VM, we suggest to use the service provided by Let's Encrypt.
Use intrusion detection software
...