About Client
The client is an Asian Satellite Television and Radio Operator in Malaysia. The company was looking for a security solution to resolve issues created by their cloud environment on AWS. We helped them resolve challenges with the help of Cloudlytics.
The Challenge
Being one of the leading satellite television providers in APAC, the team was struggling with the process of security best practices monitoring and taking proper actions on the critical issues being generated across systems hosted on multiple AWS accounts. Since it is working with multiple third parties, and to monitor if the security best practices are being followed as per the compliance requirement or not. The internal security team faced challenges in monitoring their compliance posture continuously in the fast-changing dynamics apropos of the public cloud.
The Solution
Cloudlytics deployed a tailored solution leveraging several AWS services to address the client’s security needs. Key AWS services utilized included AWS Control Tower, AWS Organizations, AWS Audit Manager, AWS Security Hub, AWS GuardDuty, and AWS WAF (Web Application Firewall).
- Assessment of AWS Control Tower and AWS Organizations to optimize and enhance governance in a multi-account environment.
- AWS Audit Manager and AWS Security Hub provided comprehensive visibility into compliance status and security alerts.
- AWS GuardDuty offered intelligent threat detection and monitoring.
- AWS WAF protected web applications from common threats.
Cloudlytics’ compliance engine, with over 300 customized checks, significantly enhanced the client’s security posture. During the POC phase, compliance improved from 42% to 64%. The engine identified 91 non-compliant areas, including 13 high-severity and 33 medium-severity findings. Through four sprints, all identified non-compliant issues were mitigated.
Benefits
- Leveraging Cloudlytics helped the client reduce the efforts and costs of conducting AWS WAR reviews for best practice checks on 4 accounts twice a month.
- Tailored checks were performed as per clients’s requirements.
- The solution enabled the client to improve compliance by over 30%, post-second round of remediation.
- Automated checks enabled the client to see a reduction in audit efforts from weeks to a few hours.
Services Used
- Automated compliance monitoring tool
- User access monitoring tool
- Customized compliance builder panel
- AWS Native Services – AWS Control Tower, AWS Organizations, AWS Audit Manager, AWS Security Hub, AWS GuardDuty, AWS WAF (Web Application Firewall)
Value Additions
- Compliance posture improved by 34%.
- The audit efforts of architects were reduced from weeks to a few hours.