Do not rely on an instance's local storage for valuable, long-term data. Instances can fail, and when they fail, the data on the local disk is lost. You should use a replication strategy across multiple instances to keep your data safe or store your persistent data in Amazon S3.

Define images based on the type of work your instances perform. For "internet applications" you may choose to define one image for database instances and one image for your webservers. Image creation and storage are cheap and easy operations. Individualize and customize as necessary. Keeping your images specialized will mean that the resulting AMIs can be smaller. Smaller AMIs will boot considerably faster.

Monitor the health of your instances. Make your instances work for you by monitoring each other. You may choose to create an image which contains one of the various open-source monitoring tools such as Nagios or OpenNMS. Each worker instance, based on your other images, might then report its health to your monitoring instance.

Keep your Amazon EC2 firewall permissions as restrictive as possible. Only open up permissions you need to open. Use separate groups to deal with instances that have different network ingress requirements. Consider using additional security measures inside your instance including your own firewall. If you need to login interactively (ssh), consider creating a bastion security group that allows external login, while the remainder of your instances are in a group that does not allow external login.