LRQA Nettitude Blog

Cybersecurity hidden costs to watch out for | LRQA Nettitude

Posted by Lisa Washer on Jan 31, 2024 9:58:44 AM

As cybersecurity risk continues to evolve and threats become more sophisticated, organisations are starting to invest more in measures to mitigate risks and protect their business. For some organisations, cybersecurity has become a critical investment and is a top board concern. For other organisations, it can be more difficult to treat cybersecurity with the priority that is required for several reasons...

Read More

Topics: cloud security, cybersecurity budget, cybersecurity spending, siem, LogRhythm Axon, cybersecurity costs

Security Considerations in AWS | Nettitude

Posted by Nettitude on Nov 30, 2022 5:42:29 PM

 

Security Considerations in Amazon Web Services (AWS)

What is Amazon S3?
What is Amazon EC2?
Misconfigurations in AWS EC2
AWS Identity and Access Management (IAM)
What is Amazon RDS?

There are several reasons to adopt cloud services, and there has been a growing increase in total spend on cloud services over the last decade. Cloud computing offers speed and agility, competitive pricing models to deploy various IT resources and flexibility.

The cloud services market share is dominated by Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Platform (GCP). Of the three main providers, AWS currently occupies the highest percentage of the market as of 2022. This blog focuses on security within AWS specifically, highlighting security issues within common services as well as secure design choices and practices.

AWS has hundreds of services within its global infrastructure. These can be broken down into high-level services such as Storage, Compute, Databases, and Security, Identity & Compliance. Below are some examples of the most popular services that sit within these class types:

● Storage – Simple Storage Service (S3)
● Compute – Elastic Compute Cloud (EC2)
● Security, Identity & Compliance – Identity Access Management (IAM)
● Databases – Relational Database Service (RDS)

Read More

Topics: cloud security, AWS

Building Baseline Security in the Cloud | Nettitude

Posted by Nettitude on Nov 28, 2022 3:48:49 PM

 

Building Baseline Security in the Cloud with Policies

AWS (Amazon Web Services) policies
Microsoft Azure policies
How implementing baseline policies in a cloud environment helps

Cloud security can often feel like an overwhelming practice. Cloud environments can employ many resources with varied functions, leading to the complicated task of securing these resources. Implementing baseline policies within your cloud environment can simplify the task of implementing common security practices uniformly across all resources. Cloud providers simplify this practice through policy-checking services. In Amazon Web Services (AWS), the service is called Config, while in Azure the service is called Policy.

Within AWS Config and Azure Policy, there are policy deployments in line with the Center for Internet Security (CIS) recommendations. The CIS issues a document with configuration recommendations for common services within cloud deployments. These services include identity management, compute, storage, networking, monitoring, and database configurations. For AWS, the list of recommendations is approximately 60 items. Instead of examining each item within a document, using AWS Config or Azure Policy can automate the process and alert you to many misconfigurations within minutes. This offers quick and easy deployment of baseline security configurations and continuous monitoring of the compliance state of those policies within the environment.

The following sections detail how to implement these baseline policies for AWS and Azure. It should be noted that some costs may be incurred related to the use of these services.

Read More

Topics: cloud security, Microsoft Azure, AWS

Subscribe Here!

About Nettitude

Nettitude is the trusted cybersecurity provider to thousands of businesses around the world. We stop at nothing to keep your data and business secure in an age of ever-evolving cyber threats.

Recent Posts

Posts by Tag

See all