Encryption Consulting can help you assess your current AWS Key Management system based on NIST 800-57 and industry best practices and identify the areas of improvement within your current environment.
We cater to client requirements based on the assessment report developed by the most experienced resources from the cyber security domain of Encryption Consulting. Following the rigorous assessment, we provide you with an extensively comprehensive Strategy and Roadmap for AWS Cloud Data Protection. Based on your existing security landscape and desired target state we will design the Strategy and Roadmap with the industry best practices and standards in mind.
Based on maturity in these domains, an Assessment Control Document is provided, which is based on industry benchmark standards such as Centre for Internet Security (CIE) standards, NIST, ISO 27001, and GDPR.
The Assessment Control Document along with Risk Assessment Document provide a high-level understanding of the existing security landscape and help to understand the uncertainty factor as well as preventive controls to be in compliance with the regulatory laws.
Few important parameters of a good strategy are – people availability and skill pool, process approach and technological constraints. Hence, we deliver a detailed capability matrix which is grouped by various cloud data protection mechanisms. This provides a perspective on the limitations and requirements for the desired level of maturity.
Our Data Protection Strategy is based on risk prioritization and timeline compliance. Right from classification of data in AWS cloud to the protection of data in various layers through different mechanism such as encryption, DLP etc.
Other than service documentation, we also provide an AWS workbook on Amazon Elastic Block Store (EBS), Amazon Relational Database Service (RDS), Amazon Dynamo DB, and Amazon S3 etc. so that these AWS native capabilities can be utilized in providing an efficient security to your data in support with other Data Protection technologies.
|Data – At Rest||Data – In Transit||Data – In Use|
|AWS Discovery||AWS Elastic Load Balancing (ELB)||Field – Level Encryption|
|Amazon Redshift Encryption (DB)||Cloud DLP||Transparent Data Encryption (TDE)|
|Disk – Level Encryption||Network Traffic Encryption||Tokenization & Obfuscation|
We develop the AWS Cloud Data Protection Strategy after the successful execution of Data Protection Assessment. Based on the assessment report, a strategy is chalked out keeping in mind the limitations, capabilities and specific requirement of the firm.
Clubbed with assessment stage, the deliverables include – A snapshot of the existing AWS Cloud Data Protection landscape along with the gaps identified, AWS Data Protection best practices to align with current industry benchmark standards and global regulations, Practical and prioritized recommendations for enhancing security and detection landscape, Capability matrix and Roadmap document etc. Following the strategy, an implementation manual is provided.
AWS has been architected to be one of the most flexible and secure cloud computing environments available.
A study on global usage trends on Public Key Infrastructure (PKI) and Internet of Things (IoT) along with their application possibilities.
AWS Crypto Training (KMS, CloudHSM, ACM Private CA) course is recommended for anyone using, managing, deploying or designing Key Management solutions, secure Cryptographic storage, PKI and Encryption within AWS Cloud infrastructure.