Assessment resolves AWS infrastructure security issues
Snapshot
A green energy company knew its inherited infrastructure was putting the company at risk for security issues, but the team lacked the time, resources, and understanding of where to begin in identifying issues and outlining a plan to resolve them. Kalles Group provided an end-to-end security assessment, prioritizing recommendations and giving the client a long-term strategy to maintain their newfound security processes, best practices, and peace of mind going forward.
Challenge
The client engineering team of a green energy company inherited infrastructure that was putting the company at risk for future security issues. This infrastructure was configured offshore, application-focused, and not set up according to best practices. The engineering leader said he was often kept up at night because of his certainty that things were in poor form, but his team lacked the skill and organizational knowledge to identify and resolve infrastructure security issues in Amazon Web Services (AWS).Â
Approach
Kalles Group performed an end-to-end infrastructure security assessment in AWS and prioritized recommendations for remediation by the client’s engineering team across a broad set of areas, including: Â
- Networking: Naming conventions, access, traffic shaping and monitoring. Enhancement of security groups, NACLs and route tables, and interface gateway endpoints.Â
- Database security through networking configuration as well as making RDS endpoints private for all environments, applying IAM authentication, and encryption at rest.Â
- Authentication, authorization, and recommendations for a platform to support these processes.Â
- IAM: Boundaries, permission assignments, and adjustment of existing policies.Â
- Key management and resource policies.Â
- Recommendations of other AWS security products to consider.Â
Kalles Group collaborated with the client to develop a scalable and secure infrastructure roadmap. Through side-by-side technical work with the client engineering team, Kalles Group was able to accelerate the implementation of key recommendations. Kalles Group balanced the client’s time and budget to configure quick wins and ensure that the designated AWS-configuration lead was equipped to handle the remaining items.Â
Results
Kalles Group completed the project on time and within budget, identifying and resolving issues such as security exposures and overly permissive policies that were putting the client at risk. With clear communication and long-term maintenance in mind, Kalles Group helped the client develop a strategy they could self-maintain going forward.Â