A secure cloud environment starts with proactive policies and controls.
In a dynamic and ever-changing environment, keeping up with cloud risks is a challenging task. The only way to maintain a secure cloud environment is to always be one step ahead of malicious actors – uncovering risks before they become problems. You can do this by maintaining a set of proactive policies and controls that will continuously monitor for vulnerabilities and alert you with recommendations when you need to take action.
Discover areas of risk exposure.
To help customers stay ahead of and mitigate risks, CloudHealth identifies and alerts on three main types of risk: technical risk, operational risk, and financial risk. Technical risks can range from ports that are open to the public to sensitive data that should be encrypted but is not. Operational risks are process-oriented risks: for example, a user who has too broad a set of permissions and access, or password policies that aren’t being followed. Financial risks are an entirely different animal, but are nevertheless extremely important. Financial risks include going over budget, or unexpected cost spikes in a certain service or business group. Across all three areas of risk, CloudHealth customers can set up policies to be notified of infractions with recommended actions. Or, using reports such as the Health Check Pulse, customers can quickly get a 360-degree view into their security posture.
Proactively analyze security operations.
Cloud security starts with users. Without proper access controls and identity management, users can intentionally or unintentionally create security flaws with catastrophic outcomes. CloudHealth offers a rich set of customizable policies with alerts for common identity and access management (IAM) errors, with a focus on identifying misconfigured users. This gives customers the ability to stay ahead of cloud security threats caused by insiders. Beyond access control, CloudHealth customers can set policies to monitor for network security, data security, and application security gaps. With support for audit trails and role-based access control, your security posture has never looked so good.
Leverage security best practices and gain recommendations.
What if you had a tool that continuously monitored your environment, checking for security gaps that could be exploited? What if this tool could send you proactive alerts and recommendations for remediation of these gaps? The CloudHealth Security Policies for AWS and accompanying Security Violation report can do just this. Tune your alerts and policies by business grouping and severity. Decide what should be included and excluded and how you want to be notified. Track both leading indicators of an issue, such as misconfigured users, users with too broad a span of control, users with vulnerable accounts, or inactive users, and lagging indicators that may be a sign of a breach, such as suspicious provisioning activity or changes to root accounts or security groups. With each policy, CloudHealth will recommend an action you can take to remediate the issue, along with documentation of best practices.
Gain additional insight with integrated best-of-breed security tools.
In addition to collecting and analyzing security data directly from your cloud environment, CloudHealth can also integrate with other security and risk management tools to assist with root cause analysis and incident identification. Amazon’s CloudTrail provides a firehose of information on all API calls to AWS. By integrating CloudTrail with CloudHealth, we will collect, process, and make available critical security and cost audit events that are useful for both reporting and problem isolation. For example, you can identify which instances were shut down within a specific time window, or which security group changes a specific user made on a given day.
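The two audit questions above can also be answered straight from CloudTrail records. The following is an added example, not CloudHealth's code or API: it filters records in the CloudTrail log-file format, and the sample records, user names, and resource IDs are constructed for illustration.

```python
import json
from datetime import datetime, timezone

# Constructed sample in the CloudTrail log-file layout (not real account data).
SAMPLE_LOG = """{"Records": [
 {"eventTime": "2024-03-05T09:14:02Z", "eventName": "StopInstances",
  "userIdentity": {"type": "IAMUser", "userName": "alice"},
  "requestParameters": {"instancesSet": {"items": [{"instanceId": "i-0aaa1111"}]}}},
 {"eventTime": "2024-03-05T09:40:00Z", "eventName": "TerminateInstances",
  "errorCode": "Client.UnauthorizedOperation",
  "userIdentity": {"type": "IAMUser", "userName": "bob"},
  "requestParameters": {"instancesSet": {"items": [{"instanceId": "i-0bbb2222"}]}}},
 {"eventTime": "2024-03-05T10:02:11Z", "eventName": "AuthorizeSecurityGroupIngress",
  "userIdentity": {"type": "IAMUser", "userName": "bob"},
  "requestParameters": {"groupId": "sg-0ccc3333"}},
 {"eventTime": "2024-03-06T08:00:00Z", "eventName": "RevokeSecurityGroupIngress",
  "userIdentity": {"type": "IAMUser", "userName": "bob"},
  "requestParameters": {"groupId": "sg-0ccc3333"}}
]}"""

SHUTDOWNS = {"StopInstances", "TerminateInstances"}
SG_CHANGES = {"AuthorizeSecurityGroupIngress", "AuthorizeSecurityGroupEgress",
              "RevokeSecurityGroupIngress", "RevokeSecurityGroupEgress",
              "CreateSecurityGroup", "DeleteSecurityGroup"}

def _when(rec):
    # CloudTrail timestamps are UTC in ISO 8601 form with a trailing Z.
    return datetime.strptime(rec["eventTime"], "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)

def _actor(rec):
    # IAM users carry userName; roles and root do not, so fall back to ARN or type.
    ident = rec.get("userIdentity", {})
    return ident.get("userName") or ident.get("arn") or ident.get("type", "unknown")

def instances_shut_down(records, start, end):
    """Successful stop/terminate calls with start <= eventTime < end."""
    hits = []
    for rec in records:
        # Calls that were denied or failed carry an errorCode and changed nothing.
        if rec.get("eventName") in SHUTDOWNS and "errorCode" not in rec and start <= _when(rec) < end:
            items = (rec.get("requestParameters") or {}).get("instancesSet", {}).get("items", [])
            hits += [(rec["eventTime"], _actor(rec), rec["eventName"], i["instanceId"]) for i in items]
    return hits

def sg_changes_by_user(records, user, day):
    """Security group changes made by `user` on the UTC calendar date `day`."""
    return [(rec["eventTime"], rec["eventName"], (rec.get("requestParameters") or {}).get("groupId"))
            for rec in records
            if rec.get("eventName") in SG_CHANGES and _actor(rec) == user and _when(rec).date() == day]

RECORDS = json.loads(SAMPLE_LOG)["Records"]
```

The denied `TerminateInstances` call is deliberately excluded from the shutdown list; it is better reviewed separately as an access attempt than counted as a change.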
In addition, CloudHealth partners with Alert Logic, the leader in security and compliance solutions for the cloud, to integrate incident alerts into the CloudHealth platform. Together, Alert Logic and CloudHealth can protect your sensitive data by identifying suspicious activity, obtaining context around security incidents and vulnerabilities, and providing incident validation and remediation steps, so you can successfully address the challenges associated with the evolving threat landscape.
Mitigate vulnerabilities with a comprehensive security operations strategy.
Whether you are looking to address financial risk, technical risk, or operational risk, the only way you can keep up in a rapidly evolving cloud environment is to set up guardrails so you can manage by exception. With CloudHealth, you can get alerts and notifications for non-compliant policies and assets so you are always one step ahead of security issues.