As companies continue to move to the Amazon Web Services (AWS) cloud-based environment, the need for effectively controlling security will only increase.
Within the AWS shared responsibility model, Amazon declares it responsibilities of the overall architecture and servers hosting your data, while relying on you, the customer, to effectively configure security and compliance within the cloud environment you are allotted. Whether you are using S3, EC2, Lambda, Glacier, SNS, CloudFront, Kinesis or other components of the AWS service suite, it is the customer responsibility to securely configure the application. Amazon indicates that customers are responsible for:
The Schneider Downs cybersecurity practice can help your organization in ensuring that you have appropriately performed your responsibilities as part of the shared responsibility model to enforce security of your data. We can assess your environment against best practice configurations and security configurations to ensure that the environment appropriately takes into account cybersecurity best practices such as identity and access management, secure configurations, logging, monitoring and networking. Our approach can be tailored to the specific applications your environment utilizes within AWS.
Using our practical knowledge and experience, we evaluate the current processes and controls to identify potential gaps in the environment as it relates to cloud security. Following the data collection and analysis, our team works with management to determine solutions for identified gaps and develop a prioritized road map in place to achieve an acceptable level of risk mitigation. In addition, our audit and report will make reference to best practices called out by reputable organizations such as the Center for Information Security and Amazons’ own best practices.
Amazon Web Services, the “Powered by AWS” logo, [and name any other AWS Marks used in such materials] are trademarks of Amazon.com, Inc. or its affiliates in the United States and/or other countries.
The Schneider Downs cybersecurity practice consists of experts offering a comprehensive set of information technology security services, including penetration testing, intrusion prevention/detection review, ransomware security, vulnerability assessments and a robust digital forensics and incident response team. In addition, our Digital Forensics and Incident Response teams are available 24x7x365 at 1-800-993-8937 if you suspect or are experiencing a network incident of any kind.
Want to be in the know? Subscribe to our bi-weekly newsletter, Focus on Cybersecurity, at www.schneiderdowns.com/subscribe.
To learn more, visit our dedicated Cybersecurity page.
Receive all the latest insights and industry tips.
Schneider Downs is a Top 60 independent Certified Public Accounting (CPA) firm providing accounting, tax, audit and business advisory services to public and private companies, not-for-profit organizations and global companies. We also offer Internal Audit; Technology Consulting; Software Solutions; Personal Financial Services; Retirement Plan Solutions and Corporate Finance Services. Schneider Downs is the 13th largest accounting firm in the Mid-Atlantic region and serves individuals and companies in Pennsylvania (PA), Ohio (OH), West Virginia (WV), New York (NY), Maryland (MD), and additional states in the United States with offices in Pittsburgh, PA, Columbus, OH, and McLean, VA.
© 2024 Schneider Downs & Co., Inc. Maryland license number 35239.
Every moment counts. For urgent requests, contact the Schneider Downs digital forensics and incident response team at 1-800-993-8937. For all other requests, please complete the form below.
"*" indicates required fields