Cloud migration needs a solid security foundation
If you aren’t yet in the cloud but are thinking about moving to AWS, SoftwareOne can help you get started on the right foot with the help of the AWS Migration Acceleration Program (MAP). This includes an AWS Well-Architected review, which provides a lot of insights into the best security strategies for your organisation and also helps you understand what your costs will be.
AWS Well-Architected can also help if you’re already in the cloud but are looking to optimise your security practices. It’s a relatively quick process that can be done in a day or two.
A key thing to understand when you’re moving to the cloud is that hyperscalers invest heavily to secure their infrastructure. That means security issues are more often down to how users configure and manage the applications on top of that cloud infrastructure.
With its Shared Responsibility Model, AWS is responsible for security of the cloud – that is, it protects all of the hardware, software and other infrastructure that your cloud services run on. Customers, on the other hand, are responsible for security in the cloud. That means configuring and managing services to follow best practices in security, such as using identity management with multifactor authentication, encrypting sensitive data, setting permissions so users can access only the tasks required for their jobs (the principle of least privilege), and regularly rotating passwords and access keys.
For a deeper dive into your security needs, SoftwareOne can conduct a security posture assessment that will identify gaps in detail. This assessment, which we introduced about four years ago, involves a comprehensive mix of workshops with stakeholders, automated scanning of your AWS environment and manual inspections. At the end, you’ll receive an 80–90-page report that scores your current performance across many aspects of security and provides short-, medium- and long-term recommendations for strengthening your security practices.