A leading movie theater chain wished to strengthen its cloud infrastructure. Modus Create’s security experts conducted a functional resilience and security review, enabled AWS SSO (now known as AWS IAM Identity Center) integration, and set the stage for a wider DevSecOps culture.
Our Work Involved
- Cloud Assessment
- Documentation and Toolset Review
- Process Review
- AWS SSO Integration
- Threat Modeling
- Stronger Security Posture
- DevSecOps Culture
- Secured User Access
3 Cloud Environments Secured
Cloud breaches can be catastrophic.
According to IBM’s data breach report, the average cost of a public cloud breach is a whopping $5.02 million. However, the solution isn’t going back to on-premises. The genie is out of the bottle. The cloud’s benefits are too vast for companies to ignore.
Organizations need to strengthen the security of the cloud, in the cloud.
A popular movie theater chain in the US wished to reduce its cloud infrastructure threat surface. It also wanted to integrate its Active Directory (AD) with AWS cloud resources to enable single sign-on (SSO).
Modus Create’s cybersecurity experts joined the client team and kicked off a two-week security assessment to achieve the project outcomes.
Phase 2: AWS SSO Integration
AWS SSO (now known as AWS IAM Identity Center) is a way to manage multiple AWS accounts and applications at the same time. It also supports multi-factor authentication (MFA), adding an extra layer of security to accounts. This saves time and reduces the risk of unauthorized access.
Our team suggested the steps to enable SSO and utilize its benefits. Furthermore, based on Phase I findings, we developed a strategic plan for securing the cloud environment and improving its development and deployment processes. This plan prioritized key tasks according to their place in the threat/vulnerability exposure matrix. Finally, we proposed a realistic timeline to address the vulnerabilities along with staffing recommendations.
The assessment covered three different AWS cloud environments, three key personnel, one repository, and one CI/CD pipeline. It helped the client address critical risks to its AWS infrastructure and modernize the DevOps pipeline.
By enabling the AD-AWS SSO integration, the client established a secure way to manage access to its accounts. Additionally, it implemented several of our recommendations such as enabling logging and monitoring, enabling MFA, encrypting resources, and adopting tools to automate the DevOps process. As a result, the client’s cloud infrastructure is now robust and able to withstand popular cyber attacks.
Cloud environments secured
Security assessment duration