Cloud Security Review

The Service

Network infrastructure and information technology resources are being virtualized at an expedited rate – everything is moving to the cloud.  The safety and privacy of your data will always be a top priority.  Our Cloud Security Review is performed by 10-D Security auditors utilizing a consultative and risk-based approach.  Our goal is to assess and identify weaknesses in your virtual environment, analyze safeguards, synthesize your policies, documentation, and standards, and correlate those discoveries to information security best practices.  We have developed a reporting process that delivers “risk-based” facts in a universally readable language and format. Our reports detail findings in a non-technical style and provide a clear, concise listing of risks, with logical mitigation recommendations to follow.  Cloud engagements vary greatly in length, depending on the complexity of the environment and desired depth of review. We currently perform:

AWS Security Reviews

Microsoft Azure Security Reviews

Microsoft 365 Security Reviews

The Scope of Work

Our Cloud Security Review is scoped based on the complexity of your enterprise’s cloud environment and asset size. We use a risk-based approach driven by known risk areas, the trends of regulators, and focus on internal risk assessments. Areas of the review include but are not limited to:

  • Authentication & Access Controls
  • Enterprise Resource Planning
  • Privacy/Confidentiality
  • Change Controls
  • Data Security
  • Availability/Business Continuity
  • Log Management
  • Vulnerability Management
Man jumping canyon
Sailor at helm

The 10-D Security Difference
  • We understand the grey areas of regulation and guidance.
  • We have worked on your side of the fence.
  • We have nationwide auditing experience with ALL types and sizes of institutions.
  • Our proprietary tools capture and review key data in a fraction of the time.
  • We provide concise, professional, and easy to read reports delivered promptly.
You would benefit from a 10-D
Cloud Security Review if
  • You are required to comply with FFIEC, GLBA, PCI DSS, SOX, HIPAA, or HITECH.
  • You have IT assets containing personally identifiable information (PII) or financial transaction data.
  • You have IT assets containing proprietary information or intellectual property.
  • You want to ensure your cloud infrastructure and general controls are sufficient and performing as expected.

Keep your institution off the evening news.

Contact Us