According to Arnold Schwarzenegger there is a proper way to smoke a cigar. His first step upon lighting is to take a look around and get the lay of the land. In our daily lives we tend to get wrapped up in our own thoughts and walk around oblivious to our surroundings. In the cloud, when we are so close to the environment that we can’t see the big picture, security can be compromised and risk created.
CloudCheckr CTO Aaron Newman is the Schwarzenegger of the cloud. In his new white paper on cloud security, “Utilizing CloudCheckr for Security,” Newman echoes the Terminator’s sentiment: task #1 with AWS is checking your environment.
Although of course it’s not just important to survey your surroundings, you have to know what to look for. That’s what CloudCheckr specializes in. We have a deep understanding of security best practices and the nuances of implementing them. Out of the box, CloudCheckr scans your AWS account and compares the results to our list of over 100 best practices.
From there comes our tool for continuous monitoring. Daily reports on security changes are generated and distributed back to you. As security threats emerge, whether benign or critical, your security team is kept constantly informed.
CloudCheckr helps make the elaborate and confounding relatively simple. With Multi-Account views, we help you see not just the cloud in front of you, but the whole sky. Multiple AWS accounts are tagged and grouped according to your specifications and displayed in one single Best Practices report.
The CloudCheckr white paper is sprinkled throughout with useful advice on security. For instance, it is important to make sure that CloudTrail (the AWS web service that records API calls) is enabled in all regions, not just in the regions you are using. The thinking goes that if CloudTrail is left unenabled in certain regions, it leaves an opening for suspicious activity to occur unmonitored.
CloudTrail logs are written into S3 buckets and JSON files every five minutes, with separate files for each AWS account and each region. That’s a lot of data to digest. With CloudCheckr, that data can be downloaded for a “total recall” for your security team.
“I’ll be back” next week to talk more about CloudCheckr’s monitoring of CloudTrail, as well as to bring you more golden nuggets from “Using CloudCheckr for Security.” Read Part 2.