Skip to main content

Agile and Proactive Security Assessments of AWS Cloud Deployments

July 11, 2018

Is your company’s AWS environment secure? How would you know?

Most companies have security personnel, but their expertise in the cloud may be limited. To have a team of highly trained AWS security experts on staff is a bit of a rarity. Yet, security in the cloud is often paramount to the success of the organization.

As a result, organizations often call Optiv to assess the current state of their AWS implementations and report on security findings. We often find that the first hurdle to overcome is not technical in nature but related to developing trusted partnerships within the organization. We and our clients are able to do our best, and better achieve the businesses’ unique objectives, when we are tightly aligned.

Here’s a great example. Late last year, Alight Solutions (“Alight”) asked us to assess their AWS security environment and make recommendations based on our findings. Alight was in the early stages of implementation and had just begun laying out their architecture.

We had several meetings to determine the scope and understand their objectives. During the process, we developed a great working relationship with the Alight team. This enabled both parties to communicate effectively and to clearly convey expectations. As a result, we were able to marshal the right team of Optiv experts to:

  • Analyze Alight’s AWS architecture;
  • Assess Alight’s third-party proxy and firewall solutions;
  • Provide an automated assessment of AWS configuration settings; and
  • Perform a console-based hands-on evaluation of the security environment.

We generated a report that identified areas of concern where security gaps and vulnerabilities existed. Our report also provided a pathway to success by providing visibility into areas that needed the most attention. Alight was pleased with our deliverable and used the information during their development and deployment process.

About five months later, Alight called us back in to re-assess their AWS environment.  We found that the environment was secured, and the security policy was well developed and aligned with AWS security best practices. Alight was so buttoned up that the company scored 100 percent on a security health metric – a major improvement from their previous assessment. Security has become part of the culture and is now part of everything they do.

“We utilized Optiv’s Cloud Security Services to perform a security assessment of our AWS environment. As a result, Optiv helped enable Alight to identify areas of opportunities and position us to be more proactive when assessing our AWS cloud deployments. They were a great partner and provided tremendous value.”

- Jason Lish, Chief Information Officer at Alight Solutions


    Daniel Brennan

By: Daniel Brennan

Cloud Security Architect

See More

Related Blogs

May 24, 2018

Transforming Logs and Alerts into Actionable Intelligence with UEBA Functionality

For information security practitioners, the stored value in security data can reduce both costs and risk. The progression of the treatment of log data...

See Details

January 31, 2018

Cloud Critical Controls

It’s no secret – organizations are moving to the cloud faster than their security teams can secure them. The daunting task of catching up to the secur...

See Details

December 20, 2017

Securing the Cloud is About Teamwork

I spoke about cloud at a conference a few weeks ago, but I still have lots of thoughts on the topic bouncing around in my head. If you haven’t yet, he...

See Details

How Can We Help?

Let us know what you need, and we will have an Optiv professional contact you shortly.


Privacy Policy

Stay in the Know

For all the latest cybersecurity and Optiv news, subscribe to our blog and connect with us on Social.

Subscribe

Join our Email List

We take your privacy seriously and promise never to share your email with anyone.

Stay Connected

Find cyber security Events in your area.