GSS Infotech

IT Security Services

 
GSS Infotech team was very quick and efficient in modifying the documents and finishing the deliverables. The first drafts of the Functional Spec were created in good time by the team.
Project Manager

A Leading Manufacturing Company

Services » IT Security Services » Cloud Security

Cloud Security

Cloud Security

Covers physical security of the infrastructure and the access control mechanism of cloud assets

Cloud Application Assessments:

Uncover software vulnerabilities, demonstrate the impact of weaknesses, and provide recommendations for mitigation.

Cloud Infrastructure Assessments:

Remotely identify the networks, hosts, and services that comprise your cloud's external and internal environments. Vulnerabilities are identified and if desired, exploited during a penetration test.

Host/OS Configuration Reviews:

Remotely review the configuration of key applications, servers, databases, and network components to identify vulnerabilities that may go unnoticed during network testing.

Cloud Architecture Reviews:

A network architecture review will evaluate the function, placement, and gaps of existing security controls and compare their alignment with the organization's security goals and objectives.

VPN Security Reviews:

Compare your current configuration against recommended best practices and identifies any areas of concern. The assessment includes a remote configuration review as well as an architecture review.

Host-based Firewall Reviews:

Analyze both the configuration of the host-based firewalls (accounts, logging, patch management, etc.) as well as the implementation of network security controls (ACLs) via the firewall.

Methodology

> <
  • I. Evaluation

    Understand exactly what types of data or processing the customer is considering moving to a cloud service and classify that data according to risk.
  • II. Discovery

    Determine where the organization's data resides so that appropriate controls can be put in place.
  • III. Analysis

    Work with targeted cloud providers to analyze the extent to which the business goals can be achieved whilst ensuring the sensitive data remains protected.
  • IV. Mitigation

    Consult on the planning, supply and installation of those elements required to fulfil the security requirement that enable the cloud service migration.