Discover gaps in security best practices, create a timed roadmap to improve security posture.
Customers are concerned about a lack of insight into their security risks, the inability to comprehensively communicate their security posture to senior stakeholders, understand gaps in their security approach, and overcome challenges to accelerating innovation while being secure and compliant.
Security Posture Assessment & Roadmap consulting offering aims to address these challenges. It allows an organization to establish a strategic engagement model to understand and visualize their AWS security posture across various workloads or use cases namely data, application, infrastructure, networking, identity and access management, incident response, and regulatory compliance.
In addition, TCS also engages with customers to assess their existing landing zone set up in order to understand their implemented security controls and identify any deviations in security best practices.
Availability
India, United States, United Kingdom, Australia, Austria, Canada, Germany, Hong Kong, Hungary, Ireland, Japan, Malaysia, Netherlands, New Zealand, Poland, Qatar, Saudi Arabia, Singapore, Spain, Sri Lanka, Sweden, Switzerland, United Arab Emirates
Benefits
Assess security posture maturity
Automated discovery of gaps in security best practices.
Identify automation opportunities
Identify new opportunities to automate security implementations across the organization.
Modernize security practices
Define strategic initiatives to increase security posture and establish governance & optimization.
Reduce threat exposure
Adherence to security policies enhance the capability to detect and prevent future cyber threats
-
How it works
-
Key activities
-
Customer contribution
-
About this consultant
-
Architecture diagram
-
How it works
-
The consulting engagement begins with a discovery exercise through a standard questionnaire in order to understand the customer's business objectives on AWS.
The consulting offer uses TCS' security assessment application which customers register themselves for using their contact details to begin the assessment.
The application then sends the customer instructions to create a cross-account role in order to perform a scan of their target AWS account using an external third-partner identity.
The scan generates a report containing metrics on their AWS security posture, namely the presence of elevated IAM permissions and public AWS Lambda functions, any absence of Amazon CloudWatch metrics and alarms to name a few. The application also collects a total of 70+ findings across use cases that include data, application, infrastructure, networking, logging & monitoring, incident response and regulatory compliance. The findings are gaps found in security posture such as presence of elevated IAM privileges, presence of vulnerable AWS Lambda functions, presence of sensitive information in EC2 user data and many more.
The above findings are stored in customer's S3 bucket in their AWS account in order to ensure there is no storage of customer data.
Based on the observation and analysis gained so far, security remediations are prescribed and presented in the form of a timed roadmap. This roadmap contains an implementation plan where remediations are categorized into three "win" phases:quick, medium-term, and long-term wins.
Quick wins contain those security recommendations that are critical but simple to carry out. Medium-term wins include remediations that take more time but are still important. Long-term wins are highly strategic in nature, bringing in governance and optimization, and therefore will take more planning and implementation time.
At the completion of the consulting engagement, the customer receives a roadmap, including a timeline and the costs involved to increase their security posture.
-
Key activities
-
Assessment
Understand existing security controls across data, Infrastructure, apps, network, incident-response and compliance
Security gap analysisIdentify security gaps against recommended standards - AWS WAR, foundational best practices, CIS, NIST
Security posture reportAny gaps are presented to customers elucidating their overall security threat impact
Harness QuadrantOffers a four quadrant view into how various AWS services could be leveraged for maximum business value
Security recommendations roadmapA timelined roadmap that includes the effort and cost involved to increase a customer's security posture.
-
Customer contribution
-
Workshop with customer
TCS collaborates with customer to understand business context and AWS footprint including compliance needs
Access to scan
TCS will require a read-only AWS IAM role to scan a customer's AWS account
Knowledge on security tools
Customer to share insight into third-party security tools so TCS can perform a tools optimization exercise
-
About this consultant
-
In addition to the longstanding relationship with AWS, TCS has a dedicated AWS Business Unit, focused on delivering full-stack enterprise transformation to customers in the cloud across industries such as financial services, healthcare and life sciences, travel and hospitality, retail, manufacturing, power and utilities, education and public sector.
TCS’ comprehensive suite of offerings on AWS include cloud advisory, mainframe modernization, application and infrastructure migration and modernization, SAP, data management and analytics, storage, security and compliance, and industry solutions powered with next-generation technologies like AI/ML, Edge/IoT, Serverless, and Low-Code/No-Code.
TCS holds a number of AWS qualifications, including AWS Premier Tier Services Partner, AWS Managed Service Provider, AWS Public Sector Partner, AWS Solution Provider Program, 15 AWS Competencies and Service Delivery Validations, including the AWS Security Competency, as well as more than 30,000 trained staff on AWS.
-
Architecture diagram
Ready to get started?
Related Resources
AWS Partner Highlights
Tata’s AWS validated qualifications, customer references, and office locations.
AWS Competency Details
Tata has demonstrated deep AWS technical expertise and proven customer success.
Browse our portfolio of Consulting Offers to get AWS verified help with solution deployment.
Browse our library of AWS self-deploy solutions to common architectural problems.
Engage with AWS Partners for secure, innovative, and cost-effective custom solutions that leverage the power and scalability of AWS services to meet your needs.