How can you integrate IAM with data centres security

According to a recent survey, data centre security is one of the most critical issues for enterprise customers. Experts predict that more and more enterprises will adopt cloud services from public providers such as Amazon AWS or Microsoft Azure. However, because the provider manages the underlying infrastructure, enterprises must still protect themselves against compliance risks such as loss of control over sensitive data, uncertainty about data location, limited data portability and more. From the report: “IAM (Identity and Access Management) is a critical component of any security strategy deployed in a cloud environment. In addition to traditional IAM controls, enterprises should also monitor network activity that occurs within their virtual private clouds (VPCs), as well as user access patterns that could indicate unauthorized accounts or access to third-party tools.”

1. Provide visibility and control over AWS account activity: audit logging, alerting and reporting on suspicious activity, and more secure user access.
2. Proactively monitor virtual private clouds (VPCs): VPC Flow Logs let you monitor traffic inside your VPCs, and AWS Config maintains an auditable trail of actions taken by or against your resources.
3. Manage virtual machine (VM) metadata: AWS Config rules use the metadata associated with Amazon EC2 instances so that organizations can monitor instance configurations for potential vulnerabilities.
4. Reduce time and effort spent on compliance: AWS Config rules and Amazon CloudWatch Events make it easy to maintain an auditable trail of activity.
5. Identify potential vulnerabilities: Amazon GuardDuty gives organizations automated detection, investigation and response capabilities that help mitigate threats that could lead to misconfigurations or unauthorized access.
6. Protect data at rest and in transit: AWS KMS encrypts your data, AWS CloudHSM protects the cryptographic keys used for encryption at rest through hardware isolation, Amazon CloudFront can be used for secure content delivery, and Amazon S3 helps protect the objects stored in its buckets.
7. Data protection features available on AWS Marketplace: AWS CloudHSM, AWS CloudTrail, AWS Config Rules and GuardDuty can be purchased as subscriptions on the AWS Marketplace.
8. Integration with enterprise directory services: AWS Directory Service for Microsoft Active Directory lets enterprises connect to their existing Active Directory infrastructure and manage cloud identities through a single platform.
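Item 1 above (audit logging and alerting on suspicious activity) is where the audit trail earns its keep, and the logic is small enough to show. The following Python script is an added example, not code from the article: it reads a CloudTrail log file in its documented `Records` shape and flags the events a defender wants alerted on, namely root credential use, console logins without MFA, changes that weaken the trail itself, and access-key or policy changes made for another principal. The four records are constructed, and the two event-name sets are a starting list to extend, not a complete catalogue.

```python
import json

# Constructed sample in the CloudTrail log-file shape; these four records are
# not real account activity.
SAMPLE_TRAIL = json.dumps({"Records": [
    {"eventTime": "2024-05-01T02:13:44Z", "eventSource": "signin.amazonaws.com",
     "eventName": "ConsoleLogin", "sourceIPAddress": "203.0.113.10",
     "userIdentity": {"type": "Root", "arn": "arn:aws:iam::111122223333:root"},
     "additionalEventData": {"MFAUsed": "No"},
     "responseElements": {"ConsoleLogin": "Success"}},
    {"eventTime": "2024-05-01T09:02:11Z", "eventSource": "iam.amazonaws.com",
     "eventName": "CreateAccessKey", "sourceIPAddress": "198.51.100.7",
     "userIdentity": {"type": "IAMUser", "userName": "alice",
                      "arn": "arn:aws:iam::111122223333:user/alice"},
     "requestParameters": {"userName": "bob"}},
    {"eventTime": "2024-05-01T09:05:00Z", "eventSource": "ec2.amazonaws.com",
     "eventName": "DescribeInstances", "sourceIPAddress": "10.0.0.5",
     "userIdentity": {"type": "AssumedRole",
                      "arn": "arn:aws:sts::111122223333:assumed-role/ReadOnly/ci"}},
    {"eventTime": "2024-05-01T11:30:00Z", "eventSource": "cloudtrail.amazonaws.com",
     "eventName": "StopLogging", "sourceIPAddress": "198.51.100.7",
     "userIdentity": {"type": "IAMUser", "userName": "alice",
                      "arn": "arn:aws:iam::111122223333:user/alice"}},
]})

# API calls that weaken the audit trail or grant access. These are real
# CloudTrail/IAM event names, but the sets are a starting list to extend.
TRAIL_TAMPER = {"StopLogging", "DeleteTrail", "UpdateTrail", "PutEventSelectors"}
ACCESS_GRANTS = {"CreateAccessKey", "CreateLoginProfile", "CreateUser",
                 "AttachUserPolicy", "PutUserPolicy", "UpdateAssumeRolePolicy"}


def triage(trail_json):
    """Return findings as (severity, eventName, actor ARN, reason) tuples."""
    findings = []
    for rec in json.loads(trail_json)["Records"]:
        ident = rec.get("userIdentity", {})
        actor = ident.get("arn", "unknown")
        name = rec["eventName"]
        if ident.get("type") == "Root":
            findings.append(("HIGH", name, actor, "root credentials used"))
        if name == "ConsoleLogin" and rec.get("additionalEventData", {}).get("MFAUsed") != "Yes":
            findings.append(("HIGH", name, actor, "console login without MFA"))
        if name in TRAIL_TAMPER:
            findings.append(("HIGH", name, actor, "audit trail configuration changed"))
        if name in ACCESS_GRANTS:
            target = rec.get("requestParameters", {}).get("userName")
            # A principal minting credentials for someone else is a common
            # account-takeover pattern, so rank it above self-service changes.
            sev = "MEDIUM" if target in (None, ident.get("userName")) else "HIGH"
            findings.append((sev, name, actor, f"access granted to {target or 'self/role'}"))
    return findings


def by_actor(findings):
    """Count findings per actor so repeat offenders surface first."""
    counts = {}
    for _, _, actor, _ in findings:
        counts[actor] = counts.get(actor, 0) + 1
    return dict(sorted(counts.items(), key=lambda kv: -kv[1]))


if __name__ == "__main__":
    for f in triage(SAMPLE_TRAIL):
        print("%-6s %-16s %-55s %s" % f)
    print(by_actor(triage(SAMPLE_TRAIL)))
```

In a deployment the same function would sit behind an EventBridge (CloudWatch Events) rule or read the CloudTrail objects from S3; keeping the rules as plain sets makes it easy to review what is and is not alerted on.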

1. Validation and approval of requests: AWS Organizations provides centralized policy management for every account in the enterprise, so that the right people gain access to the right resources.
2. Automated processes for resource creation: IAM lets you use CloudFormation templates and tags to create and manage infrastructure such as EC2 instances or S3 buckets.
3. Automated processes for creating users: AWS CloudFormation can create IAM users when it builds your stack, and AWS CloudTrail records every action those users take.
4. Validation and approval of changes to the AWS account: AWS Organizations lets you keep control of and visibility into changes to your AWS infrastructure and restrict access to the administrators who need it.
5. Integration with physical security controls: AWS supports a range of authentication mechanisms, including hardware tokens and one-time password (OTP) devices such as RSA SecurID.
6. Visibility into network security groups (NSGs): AWS Config monitors changes in your VPCs, and Amazon CloudWatch Events collects, displays and alerts on configuration changes in your NSGs.
7. Visibility into access control lists (ACLs): AWS Config monitors changes in your VPCs, and Amazon CloudWatch Events collects, displays and alerts on ACL changes across your AWS resources.
8. Integration with existing directories: IAM supports integration with enterprise directories such as Microsoft Active Directory.
9. Integration with existing authentication services: AWS supports several authentication methods, including hardware tokens and one-time password (OTP) devices such as RSA SecurID.
10. Visibility into Layer 4 through 7 security controls: AWS Config monitors changes in your VPCs, and Amazon CloudWatch Events collects, displays and alerts on changes to your Layer 4 through 7 security controls.
11. Integrating with third-party compliance standards: AWS Config maintains an auditable trail of actions taken by users and of configuration drift in your AWS resources, which helps you meet compliance standards such as HIPAA, ISO 27001, PCI DSS, FedRAMP, GLBA and SOX.
12. Integrating with third-party risk management tools: AWS integrates with several third-party tools that help you manage risk in your AWS environment. For example, Amazon CloudWatch Logs can stream logs from virtually any device or application so they can be analyzed, monitored and searched for signs of malicious activity.
13. Automated processes to manage security features: AWS CloudTrail records every action taken by users in your AWS account so that it can be audited and tracked.
14. Integration with physical infrastructure: AWS integrates with existing communication infrastructure, including VPNs and firewalls.
15. Integration with legacy applications: AWS supports several application protocols used by existing applications, such as FTP and ODBC.
16. Enabling migrations to the cloud: AWS lets you migrate workloads from on-premises data centres to the AWS Cloud in a safe and controlled manner.
17. Automated patch management for operating systems: AWS supports Windows Server, including automatic patch management, as well as Red Hat Enterprise Linux (RHEL) and SUSE Linux Enterprise Server (SLES), through Amazon EC2 Systems Manager.
18. Enabling connectivity with partner solutions: AWS works with a wide range of technology partners, including antivirus software providers, to ensure security controls are built into their solutions.
19. Integrating with partner solutions: AWS integrates with other cloud service providers as well as multiple third-party tools that help you manage risk in your AWS environment.
20. Integration with existing on-premises security tools: AWS integrates with several third-party tools that help you manage risk in your AWS environment.
21. Visibility into configuration changes: AWS Config maintains an auditable trail of actions taken by users in your AWS environment so you can watch for signs of suspicious activity. You can also monitor configuration drift across your AWS resources to determine whether a resource has been modified incorrectly.
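Several of the items above (visibility into security groups, ACLs and configuration drift) rest on AWS Config recording a change and something deciding whether that change matters. The following Python code is an added example, not from the article or from AWS: it is the evaluation half of a custom Config rule for `AWS::EC2::SecurityGroup`, flagging ingress rules open to the whole Internet on ports outside an allow list and returning the result in the shape `PutEvaluations` expects. The `configurationItem` below is constructed (field names follow the shape Config delivers, values are invented), and the `allowedPublicPorts` rule parameter and the `web-tier` group name are assumptions for the example.

```python
import json

# Constructed configurationItem for one security group; field names follow the
# shape AWS Config delivers for AWS::EC2::SecurityGroup, values are invented.
SAMPLE_CONFIG_ITEM = {
    "resourceType": "AWS::EC2::SecurityGroup",
    "resourceId": "sg-0123456789abcdef0",
    "configurationItemCaptureTime": "2024-05-01T12:00:00.000Z",
    "configuration": {
        "groupName": "web-tier",
        "ipPermissions": [
            {"ipProtocol": "tcp", "fromPort": 443, "toPort": 443,
             "ipv4Ranges": [{"cidrIp": "0.0.0.0/0"}], "ipv6Ranges": []},
            {"ipProtocol": "tcp", "fromPort": 22, "toPort": 22,
             "ipv4Ranges": [{"cidrIp": "0.0.0.0/0"}], "ipv6Ranges": []},
            {"ipProtocol": "tcp", "fromPort": 3306, "toPort": 3306,
             "ipv4Ranges": [{"cidrIp": "10.0.0.0/16"}], "ipv6Ranges": []},
            {"ipProtocol": "-1",
             "ipv4Ranges": [], "ipv6Ranges": [{"cidrIpv6": "::/0"}]},
        ],
    },
}

INTERNET = {"0.0.0.0/0", "::/0"}


def _cidrs(perm):
    """Every CIDR an ingress rule admits, IPv4 and IPv6 alike."""
    for r in perm.get("ipv4Ranges", []):
        yield r["cidrIp"]
    for r in perm.get("ipv6Ranges", []):
        yield r["cidrIpv6"]


def _ports(perm):
    """Port set for a rule, or 'all' for all-traffic / all-port rules."""
    if perm.get("ipProtocol") == "-1" or perm.get("fromPort") in (None, -1):
        return "all"
    return set(range(perm["fromPort"], perm["toPort"] + 1))


def evaluate_security_group(item, allowed_public_ports=frozenset({80, 443})):
    """Decide compliance for one configurationItem.

    NON_COMPLIANT when any rule exposes a port outside allowed_public_ports to
    0.0.0.0/0 or ::/0. Returns the dict shape PutEvaluations expects.
    """
    violations = []
    for perm in item["configuration"].get("ipPermissions", []):
        public = [c for c in _cidrs(perm) if c in INTERNET]
        if not public:
            continue  # internal-only rule, out of scope for this check
        ports = _ports(perm)
        if ports == "all":
            violations.append(f"all ports/protocols open to {','.join(public)}")
        else:
            exposed = sorted(ports - allowed_public_ports)
            if exposed:
                violations.append(f"ports {exposed} open to {','.join(public)}")
    return {
        "ComplianceResourceType": item["resourceType"],
        "ComplianceResourceId": item["resourceId"],
        "ComplianceType": "NON_COMPLIANT" if violations else "COMPLIANT",
        # Config caps the annotation at 256 characters.
        "Annotation": ("; ".join(violations)
                       or "no Internet-exposed ports outside the allow list")[:256],
        "OrderingTimestamp": item["configurationItemCaptureTime"],
    }


def lambda_handler(event, context):
    """Rule entry point; 'allowedPublicPorts' is an assumed rule parameter."""
    invoking = json.loads(event["invokingEvent"])
    params = json.loads(event.get("ruleParameters") or "{}")
    allowed = frozenset(int(p) for p in params.get("allowedPublicPorts", "80,443").split(","))
    evaluation = evaluate_security_group(invoking["configurationItem"], allowed)
    import boto3  # deferred so the evaluator itself runs without AWS credentials
    boto3.client("config").put_evaluations(Evaluations=[evaluation],
                                           ResultToken=event["resultToken"])
    return evaluation


if __name__ == "__main__":
    print(json.dumps(evaluate_security_group(SAMPLE_CONFIG_ITEM), indent=2))
```

Keeping `evaluate_security_group` free of any AWS client is deliberate: the compliance decision can be unit-tested against recorded configuration items, and only the thin `lambda_handler` touches the Config API.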

