Amazon Web Services Security Assessment


As companies continue to move to the Amazon Web Services (AWS) cloud-based environment, the need for effectively controlling security will only increase. Within the AWS shared responsibility model, Amazon declares it responsibilities of the overall architecture and servers hosting your data, while relying on you, the customer, to effectively configure security and compliance within the cloud environment you are allotted. Whether you are using S3, EC2, Lambda, Glacier, SNS, CloudFront, Kinesis or other components of the AWS service suite, it is the customer responsibility to securely configure the application. Amazon indicates that customers are responsible for:
  • Platform, Applications and Identity & Access Management
  • Operating System, Network and Firewall configurations
  • Client and Server-side Data Encryption Settings
  • Network Traffic Protection

The Schneider Downs cybersecurity practice can help your organization in ensuring that you have appropriately performed your responsibilities as part of the shared responsibility model to enforce security of your data. We can assess your environment against best practice configurations and security configurations to ensure that the environment appropriately takes into account cybersecurity best practices such as identity and access management, secure configurations, logging, monitoring and networking.  Our approach can be tailored to the specific applications your environment utilizes within AWS.

Using our practical knowledge and experience, we evaluate the current processes and controls to identify potential gaps in the environment as it relates to cloud security. Following the data collection and analysis, our team works with management to determine solutions for identified gaps and develop a prioritized road map in place to achieve an acceptable level of risk mitigation. In addition, our audit and report will make reference to best practices called out by reputable organizations such as the Center for Information Security and Amazons’ own best practices.

  • Initial consultation and discovery
  • Determine if proper controls are in place
  • Identify potential gaps
  • Develop risk mitigation plan

View our additional IT Risk Advisory services and capabilities

Amazon Web Services, the “Powered by AWS” logo, [and name any other AWS Marks used in such materials]  are trademarks of, Inc. or its affiliates in the United States and/or other countries.


Every moment counts. For urgent requests, contact the Schneider Downs digital forensics and incident response team at 1-800-993-8937. For all other requests, please complete the form below.

"*" indicates required fields

This field is for validation purposes and should be left unchanged.