AWS Data Protection – Strategy


"27% Organizations that say 95% of their critical workloads will run in the cloud in five years"

Source: Cloud Vision 2020: The Future of the Cloud Study (LogicMonitor)

Encryption Consulting can help you assess your current AWS Key Management system based on NIST 800-57 and industry best practices and identify the areas of improvement within your current environment.

We cater to client requirements based on the assessment report developed by the most experienced resources from the cyber security domain of Encryption Consulting. Following the rigorous assessment, we provide you with an extensively comprehensive Strategy and Roadmap for AWS Cloud Data Protection. Based on your existing security landscape and desired target state we will design the Strategy and Roadmap with the industry best practices and standards in mind.

The AWS Cloud Data Protection Assessment Covers:

Based on maturity in these domains, an Assessment Control Document is provided, which is based on industry benchmark standards such as Centre for Internet Security (CIE) standards, NIST, ISO 27001, and GDPR.
The Assessment Control Document along with Risk Assessment Document provide a high-level understanding of the existing security landscape and help to understand the uncertainty factor as well as preventive controls to be in compliance with the regulatory laws.

Optimum Resource Allocation and Roadmap:

Few important parameters of a good strategy are – people availability and skill pool, process approach and technological constraints. Hence, we deliver a detailed capability matrix which is grouped by various cloud data protection mechanisms. This provides a perspective on the limitations and requirements for the desired level of maturity.

Optimum Resource Allocation - AWS Data Protection Strategy

Data Protection Approach:

Our Data Protection Strategy is based on risk prioritization and timeline compliance. Right from classification of data in AWS cloud to the protection of data in various layers through different mechanism such as encryption, DLP etc.
Other than service documentation, we also provide an AWS workbook on Amazon Elastic Block Store (EBS), Amazon Relational Database Service (RDS), Amazon Dynamo DB, and Amazon S3 etc. so that these AWS native capabilities can be utilized in providing an efficient security to your data in support with other Data Protection technologies.
Data – At Rest Data – In Transit Data – In Use
AWS Discovery AWS Elastic Load Balancing (ELB) Field – Level Encryption
Amazon Redshift Encryption (DB) Cloud DLP Transparent Data Encryption (TDE)
Disk – Level Encryption Network Traffic Encryption Tokenization & Obfuscation

Expected Outcome:

We develop the AWS Cloud Data Protection Strategy after the successful execution of Data Protection Assessment. Based on the assessment report, a strategy is chalked out keeping in mind the limitations, capabilities and specific requirement of the firm. Clubbed with assessment stage, the deliverables include – A snapshot of the existing AWS Cloud Data Protection landscape along with the gaps identified, AWS Data Protection best practices to align with current industry benchmark standards and global regulations, Practical and prioritized recommendations for enhancing security and detection landscape, Capability matrix and Roadmap document etc. Following the strategy, an implementation manual is provided.

Case Study

Encryption Consulting assisted a Healthcare and Life Science Company by reviewing current practices...


"Encryption Consulting created a roadmap for our organization after conducting the Assessment of our Encryption Environment which helped us remediate the high-risk area."

VP Data Protection, Airline Industry


Overview of AWS KMS and AWS CloudHSM

AWS has been architected to be one of the most flexible and secure cloud computing environments available.


nCipher Global PKI and IoT Trends

According to the findings, the rapid growth in the use of IoT devices1 is having an impact on the use of PKI technologies and there is realization that PKI

Download Report
Know more