The Business Challenge
IT Naturally was asked by a customer to undertake an in-depth audit of their existing AWS and Azure Cloud environments so that they could fully understand any security best practice issues along with recommended steps and priorities to address them.
Requirements gathering and undertaking the Cloud audit
Prior to commencing the audit, IT Naturally met with the customer to understand their initial concerns around the Cloud environments and the business strategy with regards further development or changes to these environments. IT Naturally then documented the requirements for approval, confirming that a detailed report would be issued at the end of the audit, providing information on the findings and recommendations along with a suggested priority for addressing any security, resilience or scalability issues identified.
Following the provision of AWS and Azure accounts by the customer, IT Naturally gained access to the environments and commenced the audit in early November, with a planned completion date by the end of the month. A project plan outlining the different steps to be taken and reporting on progress was issued to the customer and updated every other day.
The IT Naturally Security, Network and Platform engineers then reviewed the AWS and Azure Cloud environments to assess best practices, network configuration and security vulnerabilities utilising several industry standard security scanning tools. For AWS, this included a review of AWS IAM, Logging and Monitoring using AWS Prowler, Storage, AWS KMS and elastic IP’s. For Azure, this Included a review of MFA, vulnerabilities identified by Azure Security Centre, Logging and Monitoring, Storage and Azure Advisor recommendations.
Two weeks into the audit an interim presentation was given to the customer providing information on the findings to date. This highlighted several issues, which were then expanded on further in the final Cloud Audit Report.
Customer Outcome – detailed Cloud Audit reporting documenting findings, recommendations, and suggested priorities
As per the Project Plan issued prior to commencing the audit, the final Cloud Audit Report was presented to the customer at the end of November and jointly reviewed with them in early December. The report detailed a significant number of cloud security best practice, network configuration and security vulnerabilities which needed to be addressed. Due to the quantity, a more strategic approach was recommended by IT Naturally to initially implement policies and processes with aligned roles and responsibilities to address them. Recommendations were also given to initially focus on security vulnerabilities linked to a lack of OS patching, issues identified as HIGH severity in Azure and a full review of Azure Security Centre and endpoint security.
IT Naturally are now working with the customer to assist them with the remediation work required and helping them define new ways of working to prevent such issues in the future.