AWS Public Sector Blog

How Curtin University enhanced security compliance with AWS Managed Services Trusted Remediator

Maintaining a robust security posture across decentralized cloud environments presents significant challenges for universities worldwide. Curtin University, Western Australia’s largest public research university, serves over 65,000 students across international campuses in Australia, Malaysia, Singapore, Dubai, and Mauritius. Ranked in the top 1% globally, Curtin excels in multiple domains, including mineral and mining engineering (ranked second worldwide according to the 2024 QS World University Rankings by Subject). As part of its Digital Roadmap Strategy to transform digital experiences for students and staff, Curtin needed to enhance its Amazon Web Services (AWS) security posture while managing limited technical resources and a decentralized organizational structure.

This post explores how Curtin University overcame challenges such as limited technical resourcing, complex security compliance requirements, and manual remediation processes using AWS Managed Services (AMS) Accelerate and the Trusted Remediator solution. The university achieved a 32% improvement in its AWS Security Improvement Program (SIP) score within the first six months of its AMS engagement.

AWS Security Improvement Program

AWS SIP is a proactive engagement that AWS Enterprise Support built to help customers measure and improve their AWS security posture. The program uses a framework that’s designed around AWS security best practices and provides prescriptive guidance for long-term security improvement strategies. It includes over 300 best practices across five security pillars: identity and access management, detection, infrastructure protection, data protection, and incident response and automation. AWS SIP security reviews provide a weighted maturity score focused on people, processes, and organizational mechanisms that can’t be automated.

Managing security across decentralized teams

Before onboarding to AMS and adopting the Trusted Remediator solution, Curtin University faced several critical challenges, including a decentralized organizational structure, limited technical resources, the absence of established processes, a proliferation of tools that led to unnecessary complexity, and the pressure to comply with security regulations.

The university had multiple teams managing different aspects of its AWS environment without centralized security oversight, creating inconsistent security practices and complicated stakeholder alignment for remediation efforts. Insufficient dedicated personnel for security remediation activities led to delayed response times and a growing backlog of security findings. In addition, like many organizations, Curtin struggled with competing priorities and analysis paralysis when determining which security findings to address first, while carefully considering potential architectural trade-offs and remediation impacts.

Partnership with AWS Managed Services

To address these challenges, Curtin engaged AWS Managed Services (AMS), receiving a designated cloud service delivery manager (CSDM) and cloud architects (CA) who worked closely with the university to assess its environment. This partnership proved instrumental in identifying the highest-priority risks and understanding organizational barriers to successful remediation.

While this post focuses on Trusted Remediator, AMS delivered comprehensive improvements across multiple areas that contributed to the university’s overall AWS SIP improvement, including enhanced patch management, strengthened ransomware protection, and access to a 24×7 security operations team. The university also leveraged AMS Operations On-Demand (OOD) support for specialized technical tasks and expert guidance.

Implementing Trusted Remediator

Through the AMS partnership, AMS Trusted Remediator emerged as a critical solution for automating security improvements. Trusted Remediator is an AMS solution that automates the remediation of AWS Trusted Advisor checks and AWS Compute Optimizer recommendations. Trusted Remediator goes beyond standard Trusted Advisor recommendations by providing the capability to create remediation actions automatically based on customer AWS Trusted Advisor checks to reduce costs, improve system availability, optimize performance, and close security gaps across AWS accounts.

The AMS team’s deep expertise in cloud operations and security helped Curtin identify and implement 18 strategic Trusted Advisor checks, carefully selected to address the university’s specific security and operational requirements.

These automated checks covered critical areas including:

To optimize cost, the Curtin team implemented 78 remediations, demonstrating the ability of AMS to address multiple operational concerns simultaneously while improving overall AWS resource efficiency.

AMS Trusted Remediator execution results (both failures and successes) are tracked through detailed reports that can be requested through an AMS CSDM or accessed using OpsCenter, a tool in AWS Systems Manager, providing comprehensive visibility into remediation activities and outcomes.

The following is an illustration of the Trusted Remediator workflow.

 

Figure 1: The Trusted Remediator workflow

Trusted Remediator assesses Trusted Advisor and Compute Optimizer recommendations for AWS accounts and creates AWS Systems Manager OpsItems in OpsCenter. Then, you can use Trusted Remediator automation documents to remediate the OpsItems automatically or manually. The following are details for each type of remediation:

  • Automated remediation: Trusted Remediator runs the automation document and monitors the run. After the automation document completes, Trusted Remediator resolves the OpsItem.
  • Manual remediation: Trusted Remediator creates the OpsItem for you to review. After you review, you start the automation document.

Remediation logs are stored in an Amazon S3 bucket. You can use the data in the S3 bucket to build custom Amazon Quick Suite dashboards for reporting. AMS also provides on-request reports for Trusted Remediator.

Centralized security management and reporting

The implementation of AMS Trusted Remediator provided comprehensive insights delivered through the designated AMS delivery team. The AMS CSDM assigned to Curtin University as part of the AMS engagement provided regular reports with detailed analytics on Trusted Remediator remediation activities and configuration status. Curtin’s security posture and SIP score received comprehensive monitoring, managed by the designated AMS delivery team who provided expert analysis and recommendations. Critical performance indicators—including remediation completion rates, time-to-resolution, and security finding trends—were tracked through OpsCenter and AMS reporting processes.
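The completion-rate and time-to-resolution indicators named above can be derived from OpsItem records, as in the following added example (not AWS or Curtin code). It assumes records shaped like the `OpsItemSummaries` entries returned by the Systems Manager `DescribeOpsItems` API, that each OpsItem carries a `Category`, and that `LastModifiedTime` approximates the resolution time of a resolved item; the sample records are constructed.

```python
from collections import defaultdict
from datetime import datetime
from statistics import median

def _ts(s):
    # Parse a UTC timestamp into a timezone-aware datetime.
    return datetime.fromisoformat(s + "+00:00")

# Constructed sample records (IDs, categories and times are made up).
SAMPLE_OPS_ITEMS = [
    {"OpsItemId": "oi-000000000001", "Category": "Security", "Status": "Resolved",
     "CreatedTime": _ts("2025-01-01T00:00:00"), "LastModifiedTime": _ts("2025-01-01T02:00:00")},
    {"OpsItemId": "oi-000000000002", "Category": "Security", "Status": "Resolved",
     "CreatedTime": _ts("2025-01-02T00:00:00"), "LastModifiedTime": _ts("2025-01-02T06:00:00")},
    {"OpsItemId": "oi-000000000003", "Category": "Security", "Status": "Open",
     "CreatedTime": _ts("2025-01-03T00:00:00"), "LastModifiedTime": _ts("2025-01-03T00:00:00")},
    {"OpsItemId": "oi-000000000004", "Category": "Security", "Status": "InProgress",
     "CreatedTime": _ts("2025-01-04T00:00:00"), "LastModifiedTime": _ts("2025-01-04T01:00:00")},
    {"OpsItemId": "oi-000000000005", "Category": "Cost", "Status": "Open",
     "CreatedTime": _ts("2025-01-05T00:00:00"), "LastModifiedTime": _ts("2025-01-05T00:00:00")},
]
NOW = _ts("2025-01-06T00:00:00")  # fixed "current time" so the result is reproducible

def _hours(delta):
    return delta.total_seconds() / 3600

def remediation_kpis(ops_items, now):
    """Per category: completion rate, median hours to resolve, oldest backlog age."""
    by_category = defaultdict(list)
    for item in ops_items:
        by_category[item.get("Category", "Uncategorized")].append(item)
    report = {}
    for category, items in by_category.items():
        resolved = [i for i in items if i["Status"] == "Resolved"]
        backlog = [i for i in items if i["Status"] != "Resolved"]
        durations = [_hours(i["LastModifiedTime"] - i["CreatedTime"]) for i in resolved]
        report[category] = {
            "total": len(items),
            "completion_rate": len(resolved) / len(items),
            # None when nothing in the category has been resolved yet
            "median_hours_to_resolve": median(durations) if durations else None,
            # Age of the oldest unresolved item; None when the backlog is empty
            "oldest_open_hours": max((_hours(now - i["CreatedTime"]) for i in backlog), default=None),
        }
    return report

if __name__ == "__main__":
    for category, kpi in remediation_kpis(SAMPLE_OPS_ITEMS, NOW).items():
        print(category, kpi)
```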

The solution was strategically rolled out using a phased approach, starting with low-risk findings to build stakeholder confidence before progressing to more complex, high-risk remediations.

Impact and results

After implementing AMS Trusted Remediator, Curtin University achieved several measurable improvements.

Curtin enhanced its security posture, achieving a 32% improvement in its SIP score, surpassing its 2025 annual target. The solution enabled proactive security management, addressing vulnerabilities before they could impact operations. The university surpassed its security improvement targets ahead of schedule. This early achievement of security goals demonstrated the effectiveness of the automated approach and positioned Curtin ahead of its planned timeline. Ongoing automated remediation and process refinements demonstrate a sustainable path to enhanced security posture, with Curtin projected to achieve an additional 10% security improvement by end of 2025.

The university improved the efficiency of its operations by consolidating multiple custom security tools into a single, centralized platform. Automated remediation of hundreds of security findings reduced manual effort and improved consistency across decentralized teams.

The new system successfully bridged communication gaps between platform and security teams, improving collaboration and accelerating implementation timelines. This enhanced coordination contributed significantly to project success.

Curtin implemented 78 cost optimization remediations alongside security improvements, demonstrating the platform’s ability to deliver value across multiple operational dimensions simultaneously.

Future roadmap

Curtin University has planned further security enhancement initiatives involving expanded automation coverage, continuous improvement processes, and advanced reporting and analytics. Curtin will implement additional Trusted Advisor configurations and expand automated remediation to cover more security domains and compliance frameworks. The university will establish regular review cycles for remediation rules and implement feedback mechanisms to continuously optimize security automation based on evolving requirements. The university will also enhance security metrics tracking and implement dedicated dashboards for different stakeholder groups across its decentralized structure.

Conclusion

In this post, we demonstrated how Curtin University used AMS Trusted Remediator to transform its security operations through comprehensive automated remediation. By implementing Trusted Remediator, the university moved from reactive, manual security management to proactive, automated security posture improvement—resulting in a 32% improvement in security scores, enhanced operational efficiency, and measurable business value through reduced manual effort and improved compliance. This approach shows how AWS security automation solutions can help educational institutions maintain a robust security posture while managing the unique challenges of decentralized academic environments, whether for university platforms or other complex organizational structures.

To learn more about AMS and security automation, check the resources below:

Jason Wei-Lun Hsia

Jason is a senior specialist solutions architect at AWS based in Sydney who specializes in cloud operations and security. He helps customers design and operate secure scalable solutions using AWS capabilities to deliver measurable business outcomes. He is passionate about building effective solutions to manage cloud environments at scale.

Abishek Plapetta

Abishek is a senior delivery manager within AWS Managed Services. Abishek partners with enterprise leaders to shape and implement cloud transformation and optimization strategies. He focuses on customers' operational excellence on AWS through enhanced maturity frameworks and operating models, helping organizations build robust observability practices to accelerate their cloud journey.