Continuous Compliance is a key enabler of innovation, providing guardrails for a multitude of AWS based projects while both informing IT Security professionals of the security posture and allowing the customer to manage risk in their AWS cloud environments.
The Continuous Compliance framework is built on and extends a number of AWS security services, including AWS Organizations, CloudWatch Events / Event Bus, IAM and CloudTrail. Lambda and DynamoDB are the core compute and database components of the solution, deployed in each region these tools provide near real-time event driven compliance in this complex environment. Compliance visibility is provided both through an ADFS authenticated security portal, CloudWatch events and SNS to the system owners.
Cross functional development streams can operate autonomously across the globe with the additional guidance and direction from the compliance framework supported by the Cyber Security team.
AirWalk’s financial services experience helped the client to design and develop a continuous compliance framework to counter the organization’s normally conservative risk approach and allow them to adopt an innovative approach to AWS services, while maintaining an informed and controlled risk position.