party solutions to protect servers and networks , and help provision secure outbound internet access utilizing proxies , gateways , and firewalls .
Identity & Access Management
We advise on and design the most effective and secure identity and access management strategies for AWS operations based on industry and AWS best practices . We help clients implement Single Sign-On capabilities , design IAM roles and policies , and provide direction on all aspects of access requirements from AWS console to servers / data to CLI .
Data Protection , Encryption & Key Management
We ensure our clients ’ data is safe and secure on AWS , whether on an EBS volume , S3 bucket , Glacier Vault , or while it ’ s traveling from their data center to AWS . Additionally , we design appropriate key management strategies to encrypt data in transit and at rest .
Threat & Vulnerability Management / Incident Response
We guide clients through the process of establishing required incident response procedures to address unexpected issues . We help implement HIPS / HIDS solutions , file integrity monitoring tools , as well as SIEM solutions for continuous threat monitoring and management .
Security Logging & Monitoring / Audit Trail
We design appropriate logging / monitoring strategy across accounts to ensure all relevant security actions and events are collected , analyzed , and reported on . We implement required IAM policies and other safeguards to ensure security logs cannot be tampered with , in order to preserve integrity .
Configuration Management
We assist clients with automation of configuration management activities and monitor / detect any unauthorized changes or deviation from baseline . We educate them on best practices related to infrastructure as code and help implement native and 3rd party tools such as AWS Config , Cloudformation , Terraform , Chef , Puppet or Ansible .
Secure Development Practices
We promote DevOps and agile principles for software development . We advise our clients on how to improve security of their application development and deployment processes including automated code scans and secure CI / CD aspects . We train and enable their developers to build more secure applications on AWS .
14 | THE DOPPLER | FALL 2017