AWS Cloud

Secure AWS systems

We design and build systems that have security built in. We’ve helped clients develop infrastructures that are Level 3 PCI DSS compliant, and ones that have satisfied auditors under GxP and GAMP guidelines.

For the most part, security comes down to good operations practices. Stable tools and resources, plugged together in the right way and regularly patched and upgraded, create an infrastructure suitable for any organisation with a medium security posture.

Highly regulated industries, such as finance, pharmaceuticals or insurance, demand a little more thought and planning to comply with regulations, especially if you want a system that doesn’t trade off compliance against agility.

If you’re considering migrating to AWS, or launching a SaaS on AWS, and you have high security needs, talk to us.

Already on AWS? Get an AWS Security review

Build Security In From The Start

When it comes to designing an infrastructure on AWS, we take the Security by Design approach and implement the best practices recommended by the AWS Well-Architected Framework.

This means that when we design and build an infrastructure we include, as standard, any good security practices that can’t easily be retrofitted. This guarantees that, even if compliance guidelines change, your system can be adapted.

We can also code security and compliance into your infrastructure, making automated security testing part of your deployment pipeline.

Be More Agile Without Compromising Security

Compliance regimes are often seen as a barrier to agility. They needn’t be. Intelligent infrastructure design and electronic tools can address many compliance issues. They can make compliance systematic, reducing the risk of human error, cutting the need for paperwork, and streamlining workflows.

Support High Compliance Needs

All the systems we design and build include:

  • Secure AWS accounts or virtual private cloud (VPC) design
  • Secure network design
  • Host and network firewalls
  • Access to the secure network only by VPN
  • Encrypting all data at rest
  • Encrypting management service traffic in transit
  • Central user identity and password management
  • An audit trail for all AWS changes (CloudTrail)
  • Role-based access control to sensitive resources

For organisations that must take a high security posture to comply with standards such as PCI DSS, GxP and HIPAA, we would also include:

  • Two-factor authentication on admin users
  • Egress traffic filtering / virus scanning
  • Web application firewalls
  • Anti-virus scanning of hosts
  • Intrusion detection

Speak to us

Book a conversation with one of our AWS security experts to ask questions and learn more about how we work.