Case Study: Cloud Integrity
An effective monitoring of configurations and auditing of all cloud environments, via an intuitive web dashboard
Technology is inevitable in these increasingly advanced times, which is why automating business processes has become a normal process at every organization. Just going through automation is not enough, the secure configuration reviews are critical for a business’s success. Configuration makes systems (servers, networks, operating systems, data centers, configuration files, IT assets, and all other configuration items) work. It needs to be managed carefully and keep track of configuration changes to ensure traceability, or the business and end-users could suffer from systems outages, data breaches, and data leaks.
As more organizations move to the cloud, there is a growing requirement for secure configuration reviews to be performed against these often-fluid environments to ensure adherence to best practice guidelines such as: CIS, STIGs, SRGs & NIST or global regulatory requirements such as PCI DSS (Global), APRA (Australia), HIPPA (USA) & GDPR (EU).
It might not be easy to have a round-the-clock monitoring for all cloud systems, this is where Cloud Intergrity comes in; it will allow constant configuration monitoring and auditing of all cloud environments under a client’s control in line with the best practice via an intuitive web dashboard.
Audits can be performed via the API for almost all available Azure and AWS compliance checks. Cloud Integrity, subject to client subscription, will support up to an unlimited amount of cloud environments that will be perpetually audited for overall security “health” and satisfaction of compliance and industry standards; with modifications reflected in an almost real-time manner. At the backend, Cloud Integrity will assume the role of “Security Audit” (if AWS) and/or Global Reader and “Security Reader” (if Azure) and subsequently call the relevant official API’s, to recover the necessary configuration that corresponds to each environment for processing and analysis. This is then used to score the environment’s current configuration against the guidelines, producing an overall “health status”. A web application dashboard frontend will allow clients to interface with the solution where the results will be delivered and presented to the user.
The Cloud Integrity application will be comprised of 3 main views to deliver its key values. These are detailed as:
Root Dashboard/Landing Page
The dashboard will provide a central view of all environments and a simplified view of their current configuration in line with preferred compliance standards.
Environment Specific Overview Dashboard
Each environment configured within the Cloud Integrity application will have its own dashboard controllable from the root dashboard that will contain audit results against the configured compliance standard.
Specific Audit Item Information
Each Specific Audit item should have a detailed view providing the current configuration setting in an environment (potentially across all environments) providing specific remediation information.