Breached?

Amazon Web Services Security Assessment

Identify vulnerabilities, mitigate risks and be better prepared against cyber threats.

As companies continue to move to the Amazon Web Services (AWS) cloud-based environment, the need for effectively controlling security will only increase.

Within the AWS shared responsibility model, Amazon declares it responsibilities of the overall architecture and servers hosting your data, while relying on you, the customer, to effectively configure security and compliance within the cloud environment you are allotted. Whether you are using S3, EC2, Lambda, Glacier, SNS, CloudFront, Kinesis or other components of the AWS service suite, it is the customer responsibility to securely configure the application. Amazon indicates that customers are responsible for:

  • Platform, Applications and Identity & Access Management
  • Operating System, Network and Firewall configurations
  • Client and Server-side Data Encryption Settings
  • Network Traffic Protection

The Schneider Downs cybersecurity practice can help your organization in ensuring that you have appropriately performed your responsibilities as part of the shared responsibility model to enforce security of your data. We can assess your environment against best practice configurations and security configurations to ensure that the environment appropriately takes into account cybersecurity best practices such as identity and access management, secure configurations, logging, monitoring and networking.  Our approach can be tailored to the specific applications your environment utilizes within AWS.

Using our practical knowledge and experience, we evaluate the current processes and controls to identify potential gaps in the environment as it relates to cloud security. Following the data collection and analysis, our team works with management to determine solutions for identified gaps and develop a prioritized road map in place to achieve an acceptable level of risk mitigation. In addition, our audit and report will make reference to best practices called out by reputable organizations such as the Center for Information Security and Amazons’ own best practices.

Our Process

  1. Initial consultation and discovery
  2. Determine if proper controls are in place
  3. Identify potential gaps
  4. Develop risk mitigation plan

Amazon Web Services, the “Powered by AWS” logo, [and name any other AWS Marks used in such materials]  are trademarks of Amazon.com, Inc. or its affiliates in the United States and/or other countries.

About Schneider Downs Cybersecurity

The Schneider Downs cybersecurity practice consists of experts offering a comprehensive set of information technology security services, including penetration testing, intrusion prevention/detection review, ransomware security, vulnerability assessments and a robust digital forensics and incident response team. In addition, our Digital Forensics and Incident Response teams are available 24x7x365 at 1-800-993-8937 if you suspect or are experiencing a network incident of any kind.

Want to be in the know? Subscribe to our bi-weekly newsletter, Focus on Cybersecurity, at www.schneiderdowns.com/subscribe.

To learn more, visit our dedicated Cybersecurity page.

View our additional IT Risk Advisory services and capabilities

Breached?

Every moment counts. For urgent requests, contact the Schneider Downs digital forensics and incident response team at 1-800-993-8937. For all other requests, please complete the form below.

"*" indicates required fields

This field is for validation purposes and should be left unchanged.