A company’s AWS infrastructure can be massive, complex, and confusing, and if you’re following AWS best practices, your infrastructure is likely divided across multiple AWS accounts. Some Enterprise clients I’ve interacted with have over 80 separate accounts, including dozens of Dev, Test, Staging and Production environments. With so many moving parts, having professionals design, set up and run the infrastructure is undeniably essential.
Rather than staff and maintain an extensive DevOps team in-house, many companies are turning to third party providers for assistance within AWS. This is an excellent decision, as Managed Services Providers (MSPs) have the experience and expertise to properly configure and manage complex AWS systems. However, too many companies have a “set it and forget it” mentality with regards to these MSPs, assuming the act of hiring experts divests them of the ultimate responsibility for their infrastructure and the data contained therein.
Then the breaches, leaks and misconfigurations we’ve all heard about happen. The common thread of many, if not all of these cases, is a third party was left to entirely manage their AWS infrastructure.
This is where Cloud Conformity comes in. Our automated audit process inspects every resource on connected AWS accounts, and our monitoring systems verify every single action (and subsequent consequence in the resulting cascade) to ensure that best practices are met. If using Cloud Conformity, the breaches mentioned above would have been flagged immediately and relevant parties notified of exposure risks within seconds.
Do MSPs find a tool like ours valuable when auditing their customer’s AWS accounts? Sure, of course they do. But the large enterprises that contract these MSPs see Cloud Conformity as an essential tool to get a bird’s eye view and full visibility of their infrastructure, while being able to check management is where is needs to be.
“Trust, but verify” as the saying goes. Even though an organization hires an MSP, the responsibility to secure the data ultimately rests with the company. Always remember the AWS Shared Responsibility Model. It may have been a third party that compromised a tech giant’s data but it was that tech giant’s name (not the MSP’s) splashed across the headlines with significant impact on their reputation, not to mention their balance sheet.
I strongly encourage companies to take advantage of Cloud Conformity’s 14-day free trial, to do a spot-check of their AWS environments. Detected vulnerabilities can be passed on to your MSP for remediation via the customizable communication channels, and you can have an even greater measure of reassurance that your infrastructure is secure. Our portal is intuitive and easy to use, and many clients that trial with us end up becoming customers for this very reason.
Don’t let hiring an MSP be the final step… set up your own audit and monitoring tool for greater confidence, and proactively stay in the loop on how your confidential and sensitive information is being handled. It’s only your reputation on the line, after all.