Cloud Security Assessments
One of the fundamental challenges for any organization operating in any major public cloud provider is understanding its responsibilities under the shared-responsibility model.
Graphics like the one to the right can make it seems simple; however, the line between provider and customer changes for each different service. When using a service like AWS Lambda, the cloud provider will handle all of the operating system and networking, but customers are still responsible for the firewall. In our Lambda example, the platform and much of the access management are handled by the provider, but the application is solely on the customer to ensure it is secure.
PrimeHarbor can assist your organization in understanding its overall cloud security and governance posture and provide guidance on areas of strength and improvement.
Some of the areas we can assess:
- Telemetry - is your organization collecting the right log data? Is that data being fed into the appropriate systems based on your risk profile?
- Organizations & account management - How is your organization using AWS Organizations? What is your account strategy? If there is a vulnerability, misconfiguration, or incident, can you reach the subject matter experts for that account or application?
- Big-Gaping-Security Holes - What major security misconfigurations exist in your environment? What are the top things to focus on from a remediation standpoint?
- Preventative Controls - How do you mature your cloud security & governance to ensure that misconfigurations and risk aren’t introduced into the environment? How do you safely fix security issues without introducing additional operational risk?