AWS Cloud Security Assessments

Maintaining AWS cloud security is a demanding, ongoing process that requires sustained vulnerability assessments. Feel at ease knowing your cloud environment is compliant and secure, allowing you to provide secure services to your clients.

Let our security experts audit your cloud infrastructure and provide AWS Security Solutions.

AWS Security Requirements & Philosophy

AWS operates under a shared security responsibility model, where AWS is responsible for the security of the underlying cloud infrastructure and you are responsible for securing workloads you deploy in the cloud. AWS customers are responsible for protecting the confidentiality, integrity, and availability of their data in the cloud, and for meeting specific business requirements for data protection.

Whether starting from scratch with an AWS cloud migration or assessing your current cloud systems, let us ensure that your cloud is protected. Our cloud architecture philosophy follows the five pillars of the AWS Well-Architected Framework to build architectures that are operationally excellent, secure, reliable, performant, and cost-effective.

AWS Security Assessment Checklist

Green Marimba provides complex yet affordable AWS security assessments to ensure your architecture is secure and compliant. We will perform the following tasks as part of your cloud assessment:

  1. Identify your AWS cloud assets and cloud security threats
  2. Complete a comprehensive security assessment of your cloud architecture
  3. Create a detailed remediation plan for any vulnerabilities
  4. Implement required security remediation and fixes
  5. Test and verify patches for all vulnerabilities
  6. Schedule ongoing security assessments, as deemed necessary

The Center for Internet Security (CIS) provides best practices and security standards for the internet. The CIS benchmark for Amazon Web Services (AWS) is a detailed security assessment checklist that provides industry-standard guidance on security best practices for the AWS cloud. CIS Benchmarks are a global standard and recognized best practices for securing IT systems and data against cyber attacks.

Let’s review an overview of the standards as defined by CIS for AWS cloud security.

Standard 1: Identity and Access Management

Identity and Access Management (IAM) is the first AWS security protocol. With IAM, you can manage your AWS users and groups, allowing you to securely control access to AWS services and resources by using permissions to allow and deny user access. Twenty-two areas are checked here.

Standard 2: Logging on AWS

Logging is the next important process outlined by the CIS and contains recommendations for configuring AWS's account logging features. Nine areas are checked here.

Standard 3: Monitoring your Cloud

Our AWS Security Assessment will fully scan your AWS services for vulnerabilities, based on the CIS benchmark. We will then create a detailed, customized mitigation plan to help your business get into full compliance with these monitoring standards. Fourteen areas are checked.

Standard 4: Networking on AWS

This section contains recommendations for configuring security-related aspects of the default Virtual Private Cloud (VPC). A VPC is a secure Virtual Private Cloud hosted within a public cloud. Four areas are checked for security compliance.

See more details on the full CIS benchmark for Amazon Web Services.

Green Marimba’s AWS Security Assessments and cloud migrations follow these strict security protocols.

Additional Security Compliance Requirements

Many businesses and organizations need additional security assessments, based on their industry standards. We assess required compliance with PCI, HIPAA and GDPR standards, based on client needs.

  • PCI - The PCI Data Security Standard is a worldwide standard for payment card and consumer financial data protection. Put most simply, the PCI DSS is a set of rules and regulations put in place to safeguard credit card data.
  • HIPAA - The Health Insurance Portability and Accountability Act protects the privacy and security of certain health information, and includes Standards for Privacy of Individually Identifiable Health Information as well as Standards for the Protection of Electronic Protected Health Information.
  • GDPR - The General Data Protection Regulation is an EU law on data protection and privacy in the European Union and European Economic Area. It also addresses the transfer of personal data outside the EU and EEA areas, and for this reason some US companies need to follow the standard.

AWS Security Readiness

Green Marimba also provides AWS migration services, to help businesses securely move to the AWS cloud. Assessing applications and security readiness is part of the migration process that must be completed before cloud deployment. Let us help you get there.