AWS Security and Compliance
We offer services implementation of security and controls that are right for the organization. The directive, preventive, detective, and responsive components of the AWS Cloud Adoption Framework (CAF) security perspective organize the principles that will help drive the transformation of your organization’s security culture
Design and Build Identity Access Management(IAM) Model
- Build and Design Authentication and Federation Strategy
- Authorization for Human and Service roles
Design and Build Centralized Logging and Monitoring
- Monitor Config rules, Cloudwatch Alarms, Guarduty, Access Analyzer and Security Hub
- Centrailize Logs CloudTrail, VPC Flow Logs and Config
Design and Build Infrastructure Security
- Security Groups will be used as virtual firewalls to control network access to AWS resources.
- Network Access List will be used to explicitly block malicious traffic.
- AWS GuardDuty will be used as an out of band network layer threat detection mechanism.
- AWS WAF will be used as an in-line application protection layer.
- AWS Shield Advanced will provide for additional DoS/DDoS protection
Design and Build Data Protection for Transit and Rest
- AWS KMS provides Encryption at Rest for the data using managing cryptographic keys
- AWS ACM provides encryption in transit for the data using SSL/TLS