CLOUD SECURITY ASSESSMENT

WHAT IS A CLOUD SECURITY ASSESSMENT?

The purpose of a Cloud Security Assessment is to identify missing security elements within the cloud services implementation and provide recommendations to remediate those issues. Cloud Security Assessments are typically conducted to compare the implemented administrative, physical, and technical controls of an organization with cloud security best practices. Upon completion, an organization will understand what aspects of the frameworks are implemented and operating effectively and what aspects require additional work.

To accomplish these objectives, RedLegg will organize meetings with the key stakeholders of each cloud environment.  This will allow the consultant to analyze security requirements and identify any gaps that may lead to an increased level of risk.

BENEFITS

Benefits of a Cloud Security Assessment performed by RedLegg include:

INSIGHT:

Gain insight into many of the risks faced within your enterprise by identifying shortcomings in your existing security program.

EFFICACY:

Prioritize the biggest threats to the organization and strategically plan the necessary roadmap to safeguard your organization.

PROACTIVITY:

Reduce the impact and likelihood of a successful breach and data exfiltration through testing and securing of your organization.

COMPLIANCE:

Show customers and stakeholders your commitment to securing and protecting the most valuable assets against various threat actors.

CLOUD SECURITY GAP ASSESSMENT METHODOLOGY

The RedLegg methodology for conducting Cloud Security Assessments is based on a proven track record of examining an organization's security program through interviews and analyzing relevant documentation and materials. RedLegg has developed a robust assessment methodology that maximizes the ability of the consultant to identify security gaps in the organization’s cloud configuration and provide consulting to meet compliance with cloud security best practices while improving the overall security posture of your organization.

The Gap Assessment is performed based on NIST 800-145.

PHASE 1: EXAMINE

RedLegg examines relevant documentation to determine if aspects of the framework are currently in place.  Analysis of the documentation allows the consultant to understand the maturity level of the program and identify areas to improve beyond compliance with the assessed framework.  Documents may include, but are not limited to:

  • Policies, Standards, Guidelines, Procedures
  • Vulnerability Scans
  • Pen Testing Reports
  • Application Assessment Reports
  • Compliance Reports
  • Network Diagrams
  • Technical Control Configurations
  • Employee Handbook
  • Organizational Chart
  • IR and BCDR Plans

PHASE 2: INTERVIEW

RedLegg continues by conducting interviews with key stakeholders at the organization.  These stakeholders will answer questions relating to specific aspects of the framework as well as the overall security posture.  Interviewees may include, but are not limited to:

  • CISO/CIO
  • Director of Security/Director of IT
  • Security Architect
  • Network Administrator/Engineer
  • Server Administrator/Engineer
  • Desktop Support
  • Legal and Compliance
  • SOC Team
  • Development Team
  • IT Operations Team
  • Senior Leadership
  • Human Resources

PHASE 3: CLARIFY

After the interviews are complete, RedLegg will review the notes and ask for any follow-up documentation.  Additional interviews may be necessary based on clarifying documentation.  RedLegg will attempt to continue to clarify any findings to increase the accuracy of the report.

PHASE 4: DELIVER REPORTS

Upon completion of the assessment, RedLegg will capture the results in a report, including:

  • Executive Summary
  • Assessment Findings
  • Remediation Recommendations
  • Remediation Roadmap

PHASE 5: DEBRIEF

Once the deliverable has been received, RedLegg will schedule a debriefing meeting to discuss the results of the assessment.  During this phase, RedLegg will work with you to determine any necessary changes to the report.  When changes are complete, RedLegg will finalize the report and finish the project.


DETAILS

RedLegg's Cloud Computing Security Assessment is based on the Cloud Security Alliance (CSA) Controls Framework.  Service (customer data) location and local regulations are important factors that influence the assessment process and results.

Although cloud-focused assessments can be complicated because they need to address both application and platform security, the assessment process runs through RedLegg's standard ARMEE methodology, where risk is determined by addressing Assets, Remediation, Education, and Enforcement.


REVIEW

RedLegg performs a review of your company assets and of the cloud-deployed software, infrastructure, platform, or combination of those elements, to determine:
  • Whether your cloud instance is secured.
  • Whose responsibility it is to secure it (the cloud services provider or your company).

MAP

Assets are mapped to potential cloud deployment models and multi-tenancy impact is evaluated.

ASSESS

A Gap Assessment is performed based on NIST 800-145 and focused on:
  • Broad network access, rapid elasticity, measured service, on-demand service and resource pooling.
  • A catalogue of compensating controls to determine which controls exist and which do not as a responsibility of the customer, the cloud service provider or a third party.

EVALUATE

Cloud service models and providers are evaluated and legal agreements are reviewed.

RECOMMEND

Areas of critical focus are defined and addressed as both strategic and tactical pain points.

Findings are gathered, analyzed and presented to the customer, including short-, medium-, and long-term remediation/improvement recommendations.

OUR APPROACH

RedLegg is an innovative, global security firm that delivers managed cybersecurity solutions and peace of mind to its clients.

RedLegg’s approach to information security protects the confidentiality, integrity, and availability of critical data based on a sound risk management framework. This approach allows organizations to engage business owners in defining acceptable levels of risk and to participate in the process for evaluating threats.

RedLegg’s ARMEE (Assess, Remediate, Monitor, Educate, Enforce) methodology institutes a lifecycle that allows for an ongoing process to continuously improve the security posture of the organization. This methodology is designed to be portable to all business, legal, regulatory, and security requirements of the organization. It is flexible enough to account for the constant flux in the marketplace, attack vectors, and protection mechanisms.
