AWS CONSULTING PRACTICE

AWS Cloud

Architecture Risk Analysis

OVERVIEW

Our Team of Cloud experts will conduct an extensive review and assessment of the Client’s cloud environment (AWS, Hybrid Infrastructure) focusing on two base tenants: Cloud Architecture and Cloud Security.

The AWS Cloud Architecture Risk Analysis is a pragmatic, risk-based approach to:

  1. Evaluate the Client’s current state cloud environments against organizational business requirements, industry best practices and cloud provider established guidance and frameworks.
  2. Discover, aggregate and analyze relevant Cloud Architecture data which is then distilled and documented for Client review.  Note:  As-Built Architecture Diagrams are produced as part of this effort.
  3. Discover, aggregate and analyze relevant Security Posture data which is then distilled and documented for Client review.
  4. Provide executive level and detailed documentation to clearly communicate findings, potential risks and prioritized recommendations to optimize and enhance the cloud environment from architectural, operational and security perspectives.

PRESS RELEASE

In the News

Aligned Technology Group Becomes AWS Advanced Consulting Partner, Further Strengthening Secure Cloud Practices

DESIRED OUTCOMES

  • Document and visualize through network diagrams your current state AWS environment to enable a common operational picture that you can use to communicate, evaluate, and address technical debt and security risk.
  • Evaluate your current state AWS environment against the AWS multi-account strategy and AWS Security Reference Architecture (SRA) to identify opportunities to better:
    • Allocate and manage costs,
    • Control access and permissions,
    • Provide engineers with the flexibility to innovate, and
    • Secure your AWS environment.
  • Evaluate your AWS cloud environment against industry frameworks such as the Center for Internet Security Critical Security Controls and NIST Cyber Security Framework to identify and address gaps relying on appropriate preventive and detective guardrails.
  • Rationalize your security architecture and solutions and optimize capital and operating expenses while improving or sustaining your security posture.

DELIVERABLES

  1. Executive Overview in narrative format that provides an overview of current state, potential risks, and key recommendations.
  2. Comprehensive Report that reflects an evaluation of the current state architecture along with risk-based recommendations to enhance or optimize the security of the AWS environment relying on AWS design principles and patterns as a guide. 
  3. Recommended & Prioritized Improvements within a multi-year roadmap to address business critical gaps and opportunities.
  4. As-Built Architecture Diagrams of the existing AWS Organization that reflect AWS services and third-party components (as applicable) that comprise each account.
  5. Document & Diagram Current AWS Management and Member Accounts along with the AWS services and third-party components, as applicable, that comprise each account by geo location (including customer count by geo location). 
  6. Evaluate Current AWS Multi-Account Design principles and recommended patterns relying on AWS guidance and frameworks, specifically:  AWS Security Reference Architecture (SRA), and Organizing Your AWS Environment Using Multiple Accounts.
  7. Penetration Test (OPTIONAL) external and internal cloud penetration test.

DESIRED OUTCOMES

  • Document and visualize through network diagrams your current state AWS environment to enable a common operational picture that you can use to communicate, evaluate, and address technical debt and security risk.
  • Evaluate your current state AWS environment against the AWS multi-account strategy and AWS Security Reference Architecture (SRA) to identify opportunities to better:
    • Allocate and manage costs,
    • Control access and permissions,
    • Provide engineers with the flexibility to innovate, and
    • Secure your AWS environment.
  • Evaluate your AWS cloud environment against industry frameworks such as the Center for Internet Security Critical Security Controls and NIST Cyber Security Framework to identify and address gaps relying on appropriate preventive and detective guardrails.
  • Rationalize your security architecture and solutions and optimize capital and operating expenses while improving or sustaining your security posture.

DELIVERABLES

  1. Executive Overview in narrative format that provides an overview of current state, potential risks, and key recommendations.
  2. Comprehensive Report that reflects an evaluation of the current state architecture along with risk-based recommendations to enhance or optimize the security of the AWS environment relying on AWS design principles and patterns as a guide. 
  3. Recommended & Prioritized Improvements within a multi-year roadmap to address business critical gaps and opportunities.
  4. As-Built Architecture Diagrams of the existing AWS Organization that reflect AWS services and third-party components (as applicable) that comprise each account.
  5. Document & Diagram Current AWS Management and Member Accounts along with the AWS services and third-party components, as applicable, that comprise each account by geo location (including customer count by geo location). 
  6. Evaluate Current AWS Multi-Account Design principles and recommended patterns relying on AWS guidance and frameworks, specifically:  AWS Security Reference Architecture (SRA), and Organizing Your AWS Environment Using Multiple Accounts.
  7. Penetration Test (OPTIONAL) external and internal cloud penetration test.

Related
Terms &
Definitions

As-Built Diagrams
Detailed architectural diagrams and flows that expose the AWS services and third-party components across all accounts, and how they are organized and configured within the existing AWS Organization.

AWS Security Reference Architecture
The Amazon Web Services (AWS) Security Reference Architecture (AWS SRA) is a holistic set of guidelines for deploying the full complement of AWS security services in a multi-account environment. 

AWS Multi-Account Strategy:  
A multi-account strategy is key to success when customers are starting to adopt AWS, expanding their footprint on AWS, or planning to enhance an established AWS environment. Using multiple AWS accounts to help isolate and manage your business applications and data can help you optimize across most of the AWS Well-Architected Framework pillars including operational excellence, security, reliability, and cost optimization.

AWS Well-Architected Framework
The AWS Well-Architected Framework helps you understand the pros and cons of decisions you make while building systems on AWS. By using the Framework you will learn architectural best practices for designing and operating reliable, secure, efficient, cost-effective, and sustainable systems in the cloud.

We remove the barriers which prohibit organizations from achieving maximum value from the enterprise Cloud.

Specialists with AWS

As an Advanced Tier Services partner, Aligned is vested and committed to Amazon Web Services (AWS). And, we are just getting started.

We are working tirelessly to enhance and extend our expertise with AWS. We truly believe in the superiority of AWS over other cloud competitors, and see this play out with our Clients each and every day.

Strategically Aligning Technology to Business

© 2023 ALIGNED TECHNOLOGY GROUP         Terms of Use        Online Privacy Notice      Cookie Policy

Cost Optimization

Issue: Small AWS deployment with little management oversight and a lack of cloud skills internal to the organization moving from traditional infrastructure to SaaS and cloud based solutions.

 

What we did

  1. AWS Audit
  2. Cost Optimization Review
  3. Ongoing Monitoring

 

Result:

  • Eliminated unused storage volumes and the old application server no longer in use, the charges for AWS resulted in a savings of 51% per month.
  • We’ll continue to monitor AWS billing and finance to ensure maintenance of savings and identify other future changes.

Cost Optimization

Issue: Small AWS deployment with little management oversight and a lack of cloud skills internal to the organization moving from traditional infrastructure to SaaS and cloud based solutions.

 

What we did

  1. AWS Audit
  2. Cost Optimization Review
  3. Ongoing Monitoring

 

Result:

  • Eliminated unused storage volumes and the old application server no longer in use, the charges for AWS resulted in a savings of 51% per month.
  • We’ll continue to monitor AWS billing and finance to ensure maintenance of savings and identify other future changes.