Experian Uses Automatic Remediation on AWS Config to Maintain a Secure Cloud Environment
Global Director of Application Security, Experian
Seeking a Solution for Standardization
Experian needed a solution that could help prevent security alerts by keeping all its cloud environments in a continual state of compliance and automatically take care of residual security alerts in near real time. “Standardizing our tooling and functional use cases would give our clients a single, more unified view from an application and a functional perspective, and that’s where AWS came in with the ideal services to support us in realizing that vision,” says Boulter.
Adopting a Centralized Structure for Cloud Environments
Experian made the decision to automate and standardize its cloud environments by implementing AWS-native security tools in March 2020, and it deployed its first environments within this centralized structure in July. Experian decided to use AWS-native security tools for the practicality of building on top of its existing cloud infrastructure, which uses Amazon Simple Storage Service (Amazon S3)—an object storage service that offers industry-leading scalability, data availability, security, and performance—among other AWS services. Using AWS-native security tools removed layers of management and maintenance for Experian as well as the need to abstract third-party tools.
Experian deployed the new security solution built using AWS in its centralized cloud environment called Experian Express Cloud (EEC). This deployment delivered automatic remediation of misconfigurations throughout all the EEC-linked accounts. To accomplish this, Experian used AWS CloudFormation, which lets users model, provision, and manage AWS and third-party resources by treating infrastructure as code. “At Experian, cloud security has been at the forefront for keeping our cloud environments compliant with enterprise standards,” says Vinay Rudrappa, director of cloud engineering services. “Enterprise cloud environments that are managed through automated policy-driven governance drive best practices in cloud operations, cloud financial management, and cloud security compliance,” says Reuben Landge, cloud security architect at Experian. So far, Experian has applied standardized security controls to over 400 of its accounts, and the number is continually growing.
Experian now has near-real-time visibility and automatic remediation of its cloud environments through AWS Config and AWS Lambda—a serverless, event-driven compute service that lets developers run code for virtually any type of application or backend service without provisioning or managing servers. By setting up AWS Lambda to automatically respond to real-time alerts from AWS Config, Experian has simplified the assessing, auditing, and remediating of its cloud resources to maintain desired configurations, which in turn simplifies cloud management and operational troubleshooting. The company has also built flexibility for its internal teams and clients into its automatic remediation by creating an exception process to policy enforcements. It uses AWS Systems Manager—a secure, complete management solution for hybrid cloud environments—to gain detailed information about the account when misconfigurations trigger a security alert.
Since Experian’s implementation of AWS tools and its environment standardization, its cloud security teams have been able to remain flexible and innovative. “Using AWS Config, we can automatically change the configurations that need remediation, so our teams can focus on applications and servicing their customers,” says Landge. By using AWS Config, Experian enjoys visibility and can correct misconfiguration in 2–5 minutes, compared to 24 hours using third-party tools.
By applying standardized cloud infrastructure, Experian decreased the number of security alerts in its Amazon S3 buckets by 80 percent from June to August 2021. Additionally, after implementing queue encryption remediation through Amazon Simple Queue Service (Amazon SQS)—a fully managed message queuing service—in October 2021, Experian saw an 80 percent reduction in alerts. This standardization has also made it simpler and faster for the company to spin up new environments and apply changes across existing ones, increasing scalability. The modularity of the security solution means Experian can reuse components and automate aspects of development, which saves engineers time.
Continuing to Reduce Security Alerts
Benefits of AWS
- Built a centralized remediation strategy for existing and new cloud accounts
- Applied standardized security controls to 400+ accounts
- Decreased Amazon S3 bucket security alerts by 80%
- Corrects misconfigurations in 2–5 minutes, instead of 24 hours using third-party tools
- Supports flexibility for internal teams and clients
AWS Services Used
AWS Config is a service that lets you assess, audit, and evaluate the configurations of your AWS resources. Config continuously monitors and records your AWS resource configurations and allows you to automate the evaluation of recorded configurations against desired configurations.
AWS CloudFormation lets you model, provision, and manage AWS and third-party resources by treating infrastructure as code.
AWS Systems Manager
AWS Systems Manager is a secure end-to-end management solution for hybrid cloud environments. AWS Systems Manager is the operations hub for your AWS applications and resources, and is broken into four core feature groups.
AWS Lambda is a serverless, event-driven compute service that lets you run code for virtually any type of application or backend service without provisioning or managing servers. You can trigger Lambda from over 200 AWS services and software as a service (SaaS) applications and only pay for what you use.
Companies of all sizes across all industries are transforming their businesses every day using AWS. Contact our experts and start your own AWS Cloud journey today.