Solutions

AWS Cloud Security Assessment

Identify Your Security Gaps & Develop Remediation Steps

Speak To A Cloud Advisor
Solution overview

AWS Cloud Security Assessment

Assess your cloud security and gain actionable remediation strategies

 

Many of today’s businesses rely on the cloud to remain competitive and agile in their various industries. However, being in the cloud comes with security risks and exposure that require adherence to rigorous compliance standards and constant vigilance in following best practices. 

Our security assessment gauges the security posture of your cloud environment against AWS best practices. We then use the assessment results to recommend remediation strategies to prevent future attacks.

 
cloud-badge-icon

The Benefits of an AWS Cloud Security Assessment

Get a clear picture of your security posture & areas for improvement

We designed our comprehensive security assessment to help you identify risks and avoid future attacks on your cloud environment.

eye-black

Improved Security Posture

Gain insight into your current security posture and set priorities for improving your AWS Infrastructure and related technology operations.

thunder

Team of AWS Security Experts

Mission Cloud is an AWS Level 1 Managed Service Security Provider (MSSP) Competency Partner with certified cloud experts that can assess your security posture and strengthen your AWS environment to protect your business and data.

battery

Optimize Resources

Security assessments give you the actionable insights that you’ll need to understand how to prioritize security resources and develop a proactive strategy. Investing in an assessment is better than the potential cost of a possible future security breach.

check

Proactive & Focused Strategy

Set a long-term strategy for strengthening your infrastructure’s security and build a plan to stay aligned with the ever-evolving threat environment and best practices.

ruler

Actionable Insights that Protect Your Business

To gain the most out of your security assessment, we generate a report that includes actionable insights that will help protect you from any number of threats.

hanger

Peace of Mind

Leverage the industry-leading Center for Internet Security (CIS) Foundations Benchmark to ensure your business is following best practices to reduce risk to your environment.

Contact Us

Discovery Process

During the discovery phase, we work with you to understand your cloud environment and seek ways to minimize risk and maximize protection of your infrastructure. We facilitate this process through video conference meetings and collaboration between you and your Mission Cloud Solutions Architect.

Our experts review and analyze current security and AWS access controls to identify areas for improvement. Mission Cloud has extensive knowledge and experience with various types of workloads and AWS environments to help you meet your business goals and serve your needs.

Isabel G. Marketing Associate

Comprehensive Security Evaluation

Well-architected security best practices & strategic technology roadmapping

Once Mission Cloud fully learns and understands your business objectives, our security assessment evaluates your AWS environment against AWS well-architected security best practices and Center for Internet Security (CIS) benchmarks for AWS. This process consists of a two-prong approach: 1) A security best practices scan and 2) A hands-on security assessment and review.

A Mission Cloud Security Assessment is an effective way to gauge the fundamental health of a company’s cloud infrastructure. It is a valuable starting point for integrating the technologies, design elements, and operational practices that drive sustained, cost-effective, secure utilization of the cloud. We evaluate the following areas:

Organizations and Identity & Access Management (IAM)

  • AWS Organizations
  • Organizational units and policies
  • Root access controls
  • IAM settings
  • IAM users, groups, roles, and policies
  • Federation and authentication

Network Architecture

  • Security Groups
  • Ingress/egress controls and management access patterns
  • Virtual Private Cloud (VPC) Subnet Design

AWS Security Services and Tools

  • AWS CloudTrail
  • AWS Config
  • AWS Security Hub
  • Amazon Detective
  • S3 Access Logging
  • IAM Access Analyzer
  • Centralized Logging

Our cloud experts consolidate all data, recommendations, and insights from the assessment into an actionable formal findings report so that you can see your security strengths and weaknesses. From there, we can establish an actionable plan.

A sample security findings report:
PASSED CHECKS
10.9% (5)
PARTIALLY PASSED CHECKS
30.4% (14)
Failed Checks
58.7% (27)
CIS Check Name List
(Select Check Name to view level info)
Section
Check Name
Passed/Total
Status
1. Identify & Access
Avoid the use of the "root" account
2/2
Passed
Do not setup access keys during initial user setup for all IAM users that have a console password
3/38
Partially Passed
Enable detailing billing
0/2
Failed
Ensure a support role has been created to manage incidents with AWS Support
0/2
Failed
Ensure access keys are rotated every 90 days or less
24/38
Partially Passed
Ensure credentials unused for 90 days or greater are disabled
33/38
Partially Passed
Ensure hardware MFA is enabled for the "root" account
1/2
Passed
Ensure IAM instances roles are used for AWS resource access from instances
2/2
Failed
Ensure IAM password policy prevents password reuse
0/2
Failed
Ensure IAM password policy require at least one lowercase letter
0/2
Failed
Ensure IAM password policy require at least one number
0/2
Failed
Ensure IAM password policy require at least one symbol
0/2
Failed
Ensure IAM password policy require at least one uppercase letter
0/2
Failed
Ensure IAM password policy requires minimum length of 14 or greater
0/2
Failed
Ensure IAM policies are attached only to groups or roles
36/38
Partially Passed
Ensure IAM policies that allow full"*:*" administrative privileges are not created
96/102
Partially Passed
Ensure MFA is enabled for the "root" account
1/2
Partially Passed
Ensure multi-factor authentication (MFA) is enabled for all IAM users that have a console password
37/38
Partially Passed
Ensure no root account access key exists
1/2
Partially Passed
1. Logging
Ensure AWS Config is enabled in all regions
0/2
Failed
Ensure CloudTrail is enabled in all regions
2/2
Passed
Ensure CloudTrail log file validation is enabled
1/2
Partially Passed
Ensure CloudTrail logs are encrypted at rest using KMS CMKs
0/2
Failed
preverity
Customer Success Story
Preverity

Preverity, Inc., a healthcare analytics firm that offers a risk prediction platform, needed a way to continuously assess the security of its AWS environment, employ security controls to meet current best-practice standards, and meet the security criteria of customers. Preverity turned to Mission Cloud to conduct an AWS security and best-practices assessment report.

Mission Cloud also helped implement security controls and train the IT team to manage and monitor the environment. Partnering with Mission Cloud enabled Preverity to increase its already significant security posture and implement AWS Security Hub to continuously monitor based on best practices. The Preverity sales team can now reference the strong security posture on customer RFPs, and IT can respond efficiently and easily to security audits requested by customers.

Read The Full Story
Resources you may be interested in

Explore Resources

SCHEDULE AN AWS SECURITY CONSULTATION

You Cannot Fix What You’re Unaware Of

Each company’s security posture is unique. A security assessment from Mission Cloud gives you the knowledge and confidence you need to protect your AWS infrastructure and digital assets. Schedule a free consultation with one of our cloud advisors to discuss your cloud security needs.

Schedule A Call