Tag: Compliance

How Replacing My Roof Mirrored Information Security – Part 2

by Ayman Elsawah Leave a comment

Gaps are OK, As Long As You Have Compensating Controls Gaps in your roof can be concerning. To an untrained eye, that gap is a BIG problem. Could water get in there? Shouldn't it be tightly connected? What if...? Alone in a vacuum... IT IS! However, with patience, wisdom, and experience we understand that gaps can be…

Continue reading How Replacing My Roof Mirrored Information Security – Part 2

You Just Got An AWS Security Audit… Now What?

by Ayman Elsawah Leave a comment

So you successfully ran Trusted Advisor, Scout2, Access Advisor, or hired an external firm to audit your AWS accounts? You found that the co-founder is still logging in using root keys and that you have security groups allowing 0.0.0.0/0 access from the internet. Not to mention the 20 developers offshore that are sharing the same IAM user and access keys. Oops!