Skip to content

AWS Security Review

How well protected are your information systems and applications? Where is your business exposed and what is the level of risk?

Strategic Security

Are you playing catch up with customers’ security expectations? Are you gapping on ISO27001, PCI-DSS or FedRAMP compliance?
Relax: We can transform your platform security from a liability to an asset.

Prevent

Detect

Respond

Remediate

Security, Identity, & Compliance services

How well protected are your information systems and applications? Where is your business exposed and what is the level of risk?

The Soimplement Health Check Programme include:

  1. Secure AWS accounts or virtual private cloud (VPC) design
  2. Secure network design
  3. Host and network firewalls
  4. Access to secure network only by VPN
  5. Encrypting all data at rest
  6. Encrypting management service traffic in transit
  7. Central user identity and password management
  8. An audit trail for all AWS changes (CloudTrail)
  9. Role-based access control to sensitive resources.

 

For organisations that must take a high security posture to comply with standards such as Level 3 PCI DSS we would also include:

  1. Two-factor authentication on admin users
  2. Egress traffic filtering / virus scanning
  3. Web application firewalls
  4. Anti-virus scanning of hosts
  5. Intrusion detection
  1. Cloud provider(s) security review, focusing on:
    • Services in use, volumes of consumption etc. 
    • Regions, HA, resiliency, latency 
    • Compliance, security and best practices 
    • Costs, efficient use of purchase units and optimisations 
    • Secure Configuration 
  2. Access Control Review
    • IAM, groups, roles 
    • Access keys, X.509 certificates, SSH keys 
    • Passwords and MFA devices  
    • SSO 
  3. Use of Data Encryption and Security 
  4. Secure Release Process Review 
  5. Patching Cycle Review 
  6. 3rd Parties Level of Access Review 
  7. Performance and Service Limits 
  8. Cost Optimisation and potential savings  
  9. Kubernetes security review
    • Version management and patching
    • Security 
    • Ingress / Egress 
    • CNI  
    • Node utilization 
    • Secrets & certificates management 
    • Segregation of workloads 
  10. Infrastructure Architecture Review
    • Performance 
    • Resilience 
    • Efficiency 

Get an expert review of your AWS platform, focused on your business priorities.