How a Data and AI Giant Enhanced Cloud Security to 90% and Reduced Costs - Beinex

Industry

Consulting Services

Region

UAE

Client

A multinational corporation that specializes in the areas of Data, AI, and Digital Transformation.

Challenges

  • Lack of centralized monitoring
  • Lack of notifications/alerts on security incidents
  • Cost of cloud-native security services

Process

1. Setting up AWS Organizations
AWS Organizations includes account management capabilities to better meet the business’s budgetary, security, and compliance needs. Using AWS Organizations, we achieved:

  • Centralized management of all AWS accounts
  • Hierarchical grouping of accounts to meet security and compliance needs.
  • Implemented policies to centralize control over the AWS services and API actions that each account can access.
  • Implemented policies to standardize tags across the resources in the organization’s accounts.
  • Integration with AWS IAM Identity Center to manage all human access.

2. Logging – AWS CloudTrail
Actions taken by a user, role, or an AWS service are recorded as events in AWS CloudTrail.

  • Recording and storing logs for 90 days.
  • Monitoring specified events by sending log events to Amazon CloudWatch Logs.
  • Querying logs and analysing AWS service activity with Amazon Athena.
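
The event monitoring described in this step, as an added example that is not from the original case study: a small Python evaluator that applies alert rules to CloudTrail records. The four rules (root usage, console sign-in without MFA, denied API calls, changes to the trail itself) and the sample records are assumptions constructed for illustration; the page does not say which events were monitored.

```python
import json

# Constructed CloudTrail-shaped records, one JSON object per line (not real logs).
SAMPLE_LOG = """\
{"eventTime":"2024-01-01T10:00:00Z","eventSource":"signin.amazonaws.com","eventName":"ConsoleLogin","eventType":"AwsConsoleSignIn","userIdentity":{"type":"IAMUser","userName":"alice"},"additionalEventData":{"MFAUsed":"No"},"responseElements":{"ConsoleLogin":"Success"}}
{"eventTime":"2024-01-01T10:05:00Z","eventSource":"signin.amazonaws.com","eventName":"ConsoleLogin","eventType":"AwsConsoleSignIn","userIdentity":{"type":"IAMUser","userName":"bob"},"additionalEventData":{"MFAUsed":"Yes"},"responseElements":{"ConsoleLogin":"Success"}}
{"eventTime":"2024-01-01T11:00:00Z","eventSource":"ec2.amazonaws.com","eventName":"DescribeInstances","eventType":"AwsApiCall","userIdentity":{"type":"Root"},"responseElements":null}
{"eventTime":"2024-01-01T12:00:00Z","eventSource":"cloudtrail.amazonaws.com","eventName":"StopLogging","eventType":"AwsApiCall","userIdentity":{"type":"AssumedRole"},"responseElements":null}
{"eventTime":"2024-01-01T13:00:00Z","eventSource":"ec2.amazonaws.com","eventName":"RunInstances","eventType":"AwsApiCall","userIdentity":{"type":"IAMUser","userName":"carol"},"errorCode":"Client.UnauthorizedOperation","responseElements":null}
this line is truncated and is not valid JSON
"""

TRAIL_CHANGES = {"StopLogging", "DeleteTrail", "UpdateTrail", "PutEventSelectors"}

def root_usage(e):
    # Root acting directly, not an AWS service acting on the account's behalf.
    ident = e.get("userIdentity") or {}
    return (ident.get("type") == "Root" and "invokedBy" not in ident
            and e.get("eventType") != "AwsServiceEvent")

def console_login_without_mfa(e):
    return (e.get("eventName") == "ConsoleLogin"
            and (e.get("userIdentity") or {}).get("type") == "IAMUser"
            and (e.get("responseElements") or {}).get("ConsoleLogin") == "Success"
            and (e.get("additionalEventData") or {}).get("MFAUsed") != "Yes")

def access_denied(e):
    code = e.get("errorCode") or ""
    return code.startswith("AccessDenied") or code.endswith("UnauthorizedOperation")

def trail_tampering(e):
    return (e.get("eventSource") == "cloudtrail.amazonaws.com"
            and e.get("eventName") in TRAIL_CHANGES)

RULES = {f.__name__: f for f in
         (root_usage, console_login_without_mfa, access_denied, trail_tampering)}

def evaluate(lines):
    """Return (eventTime, rule name, eventName) for every rule a record matches."""
    alerts = []
    for line in lines:
        try:
            event = json.loads(line)
        except json.JSONDecodeError:
            continue  # blank or malformed line; a real pipeline should count these
        if not isinstance(event, dict):
            continue
        alerts += [(event.get("eventTime"), name, event.get("eventName"))
                   for name, rule in RULES.items() if rule(event)]
    return alerts
```

Calling `evaluate(SAMPLE_LOG.splitlines())` flags four of the five valid records; the MFA-backed sign-in and the malformed line produce no alert.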

3. API Security – AWS GuardDuty
Amazon GuardDuty combines ML and integrated threat intelligence from AWS and leading third parties to help protect AWS accounts, workloads, and data from threats.

  • Achieved near real-time visibility into on-host, operating system-level activities across Amazon EC2 workloads.
  • Enabled automated malware scanning for compute workloads

4. Patching Compute Resources – AWS Systems Manager
AWS Systems Manager provides a browser-based interactive shell, CLI, and browser-based remote desktop access for managing instances on the cloud without opening inbound ports, managing Secure Shell (SSH) keys, or using bastion hosts.

  • Achieved automated deployment of operating system and software patches across instances.

5. Automated Vulnerability Scanning – AWS Inspector
Amazon Inspector automatically discovers workloads, such as Amazon EC2 instances, containers, and Lambda functions, and scans them for software vulnerabilities and unintended network exposure.

  • Used the Amazon Inspector risk score to prioritize remediation, reducing mean time to remediate (MTTR).
  • Maximized vulnerability assessment coverage for Amazon EC2, AWS Lambda functions, and container images in Amazon ECR.

6. Removing unused resources – AWS Config
AWS Config continually assesses, audits, and evaluates the configurations and relationships of resources on AWS.

  • Achieved continuous audit and evaluation of the organization’s resource configuration policy.

7. Overall Security Posture – AWS Security Hub
AWS Security Hub is a tool to automate security best practice checks, aggregate security alerts into a single place and format, and understand overall security posture across AWS accounts.

  • Automated monitoring to detect deviations from security best practices with a single click.
  • Visualized the security posture of AWS-based applications.

Result

Overall security score improved from 70% to 90%.

Key Takeaway

  • Took advantage of the free tier to evaluate the security services.
  • Critical savings can be made by replacing multiple solutions with fewer solutions that offer broader benefits and are more fit for purpose to deliver on cloud security objectives.