CDSA

How AWS and Managed Detection and Response Help Companies Improve Their Security

Amazon Web Services (AWS) solutions combined with Managed Detection and Response (MDR) services can significantly help organizations improve their security postures, according to Sameer Kumar Vasanthapuram, AWS partner solutions architect.

“Typically, security has been very hard in an on-premise environment,” he said April 6 during the webinar “How Managed Detection and Response Enables a Startup’s Growth.”

“Customers and organizations face challenges maintaining and managing their security infrastructure on-premise” largely because of two factors: a lack of visibility and a low degree of automation, he told viewers.

Regarding the lack of visibility, he explained: “In an on-premise environment, it can be difficult” at any given time to tell who is using the data, where it is stored and how it is being accessed. “All of it requires pretty expensive tooling and stitching together of multiple datasets to get a real view into what’s happening.”

After all, the data often “exists in different silos and the volume of data doesn’t really allow for getting a very good signal-to-noise ratio kind of a measurement,” he pointed out. “Most organizations just don’t have the visibility and that becomes a challenge,” he said.

Regarding the low degree of automation, he explained: “It’s a challenge to get rid of manual processes that are employed to remediate some of the issues that pop up. So think of copying or pasting information from one tool to the other or finding a runbook, [or] evaluating who to contact. It’s just been difficult amidst all of the security tasks, and the operability/interoperability of homegrown tools with third-party tools as well. Manual processes tend to lead to more inconsistent execution. It also has longer wait times and, in most cases, disrupts the customer’s experience. So the goal of automation is to make sure that you can handle tasks effectively but at the same time” leaving it to the security experts “to handle much… higher level events.”

All of that is “much easier in the cloud,” he pointed out, adding: “The combination of the lack of visibility and the low degree of automation really hinders how effective on-premise infrastructure and security is handled today.”

The Usual Tradeoff

“Traditionally, organizations have been forced into a tradeoff between either moving quickly or staying secure,” according to Vasanthapuram.

“Because of these overly manual security processes,” information security teams “have been doing things at human speed, so they can’t ensure… the speed of security” that is expected today, he said.

However, “today it is possible to automate many of the basic security tasks,” he said, explaining: “With the right tooling, you can pretty much patch several hundred servers without any manual intervention. You can also gain visibility needed to identify and monitor these assets and data.”

What is important for organizations to understand is that, “with the cloud, all of this is made easier and you can stay agile while maintaining your visibility but, in most cases, continue staying secure or, in fact, improve your security posture,” he told viewers.

“By providing… integrated logging and monitoring capabilities, as well as automations that are provided, we can help organizations innovate quickly and maintain their security posture and not have that tradeoff anymore,” he pointed out.

Five Key Benefits

“When customers move to AWS, typically they are elevating their security posture and it’s because of five different factors,” he said. They are: Inheriting global security and compliance controls; gaining scale with superior visibility and control; gaining the highest standards for privacy and data security; automation with comprehensive, integrated security devices; and getting access to the largest network of security partners and solutions available.

Security in databases is the “top priority, so we listen closely to customers [and] we offer both a secure cloud computing environment as well as innovative security services that satisfy security and compliance needs” for the risks of organizations, according to Vasanthapuram.

The security of databases “starts with our core infrastructure,” which he said is “designed to meet the most stringent security requirements” and is monitored 24 hours a day, seven days a week, ensuring “confidentiality” of customers’ data.

“The same security experts who monitor this infrastructure also build and maintain our security services, which can help you simplify meeting your own security and integrated requirements,” he pointed out.

“As an AWS customer, you also get the benefit of being able to scale with visibility and control,” he said, noting AWS “provides capabilities that allow you to natively get visibility… [of] API activity as well as traffic activity.”

AWS also takes customers’ privacy “very seriously,” he said, noting the company provides tools and services to “secure data at transit and at rest,” including data at rest that “persists for any duration, and this can be on things like block storage, object storage [or] databases.”

Data in transit “can be either between your customers and your application or between micro services that you build within the cloud,” he noted.

AWS provides “many capabilities to automate your security and compliance tasks so you can reduce your risks and innovate much faster,” he said.

Additionally, AWS offers “the largest network of security partners and solutions,” including software company Alert Logic, he said.

AWS also supports many security standards and compliance certifications, Vasanthapuram noted.

AWS uses a shared responsibility model in which it is “responsible for security of the cloud and customers are responsible for security in the cloud,” he said.

“While customers move to the cloud, they have their choice of figuring out how to implement” security controls and AWS partners including Alert Logic “come in to help” them understand what the right controls are and how to use them.

The Addition of MDR

Alert Logic says its MDR platform provides protection against constantly evolving cyberattacks and also provides AWS security assessment.

Dan Pitman, principal security architect at Alert Logic, explained how his company integrates AWS security features.

During the webinar, Iain Clarke, COO at San Francisco-based online brokerage firm All of Us Financial, also shared how his Software-as-a-Service (SaaS)-based startup improved its security posture while maintaining a lean team.

All of Us protects its AWS workloads by leveraging Alert Logic’s MDR-enabled agility, and that gave time back to its two-person security team to focus on innovation and business value, according to the three companies.

After implementing Alert Logic solutions, All of Us said it reduced failed Center for Internet Security AWS Benchmark checks by 60% within two months.