Business man looking at IT Security Services on his phone Business man looking at IT Security Services on his phone Business man looking at IT Security Services on his phone

Cloud Security

Digital Transformation

The Cloud offers organisations a great opportunity to improve on operational efficiency, gain market share, deliver a better experience for their users and customers and realise cost savings. As a result transformation projects are underway across companies of all sizes and industries.

The Cloud services that digital transformation projects seek to leverage can be grouped into 3 main models:

  • SaaS – Software as a Service, this is for example an application that is run online rather than on your local network, popular SaaS choices are CRM applications such as SalesForce or Dynamics 365. The SaaS provider allows your users to access the application and they are responsible for the underlying infrastructure requirements to support the application.
  • PaaS – Platform as a Service, this is for example a datacenter provider who allows you access to, and maintains, servers and the servers’ operating systems (OS) on your behalf, you retain ownership and control of the applications and data that reside on the servers.
  • IaaS – Infrastructure as a Service, this is for example a datacenter provider who allows you access to servers, you retain ownership and control of everything that resides on the servers from the OS upwards.

Kaon Security have tailored their security offerings to meet the demands of customers who wish to ensure an adequate level of security is applied to their data, network and systems regardless of the Cloud services model they are working with.

We can assist in Cloud decision making in advance of migrating, this is especially useful for organisations who wish to ensure security best practice is in place as a foundation for a successful and safe cloud migration. From mapping your existing environment through to reviewing current and future state architecture we are able to collaborate with you to provide practical security guidance and advice in this complex process.

Many organisations have already made a partial or full migration to the cloud. Some are aware that cloud applications are being used in their environment but they do not have full visibility of what exactly is being used and who is using it. Kaon Security are able to apply their substantial experience to provide you with an accurate understanding of your current risk levels and the practical steps you can take to assure yourself of the security of your (and your customers) data.

Two office workers planning a digital transformation project on a PC and laptop
Business man remote working in a coffee shop using a secure Microsoft 365 environment

Microsoft 365 Security Review

The Microsoft 365 online productivity suite has proven to be a very popular solution for organisations that recognise the business benefits of using cloud based technology.

When deploying Microsoft 365 organisations need to make some key security configuration decisions; making the right decisions can be challenging given the depth of options to choose from.

You will need to consider (for example) different access control options to manage identity and access control for using Microsoft 365 and Azure features, review data resiliency arrangements for protecting information and recovering it from potential corruption, and determine the best way to prevent data leakage using encryption and controlling forwarding options.

Furthermore a “set and forget” approach won’t work as the Microsoft 365 cloud environment is inherently very dynamic.

The Kaon Security Microsoft 365 Security Review service has assisted organisations improve their IT security posture by optimising their Microsoft 365 security configuration.

In delivering this service our experts investigate and assess more than 150 facets of the implementation and assess these against potential risks to ensure the appropriate options have been selected.

The detailed report provides an executive summary of the Microsoft 365 security review, a risk analysis commentary and security recommendations. Specifically written for business people, the executive summary will allow you to discuss how to improve your Microsoft 365 security posture.

A detailed “Key Observations” section is provided in the report for the CIO or IT Manager covering our security findings, a risk analysis commentary and our recommended next steps for remediation.

Click here to read a case study on our Microsoft 365 Security Review.

Click here to read testimonials from our customers about our Microsoft 365 Security Review.

Microsoft Teams Security Review

MS Teams, the native external facing collaboration tool, can be a concern for Microsoft 365 administrators. Regular product enhancements and updates, privacy and data leakage, malware threats and account hijacking are all key security considerations.

We will assist an organisation to:

  • Improve the overall Teams risk profile
  • Prevent breaches through data sharing, video chat, and 3rd Party Apps
  • Reduce risks introduced through links to other apps
  • Prevent unauthorised access to Teams by guest/anonymous users
  • Monitor the use of Teams
Man collaborating on a mobile phone using a secure Microsoft Teams app
IT professionals optimising Azure security configurations

Azure Security Review

Microsoft’s successful Azure platform comprises of interoperable cloud computing services that incorporate open-source, standards-based technologies plus proprietary solutions from Microsoft and other technology companies.

The Azure infrastructure is a complex environment made up of interlinked virtual machines, storage accounts, application services and databases utilising complex virtual networks and load balancers. Additionally all of these objects are categorised as a Resource within Resource Groups.

When deploying the Azure solution organisations need to make some key security configuration decisions, and making the right decisions can be challenging given the range of configuration options to choose from. A “set and forget” approach won’t work as the Azure cloud environment is inherently very dynamic.

The Azure Security Review Service assists organisations to improve their IT security posture by optimising their Azure configuration.

In delivering this service our experts investigate and assess key areas of the Azure infrastructure including the current configuration and available supporting customer information. We then conduct a risk analysis of the Azure implementation, make recommendations to improve the organisational security posture and provide remediation points.

Some of the areas we investigate and verify include:

  • Resource Groups
  • Storage Accounts
  • Virtual Machines and Networks
  • Application Services
  • SQL and Cosmos databases
  • Load Balancing

The detailed report provides an executive summary of the Azure security review, a risk analysis commentary and security recommendations.

A detailed “Key Observations” section is provided in the report for the CIO or IT Manager covering our security findings, a risk analysis commentary and our recommended next steps for remediation.

AWS Configuration Security Review

The original popularity of AWS amongst dev/ops teams has long since spread to include organisation wide assets including production servers, applications, and most importantly large amounts of data.

In choosing to leverage the many benefits of an AWS cloud environment every organisation must take adequate steps to assure itself that any assets placed into that environment are appropriately secured from risks. The decentralised nature of AWS introduces the potential for additional risks that are unknown to many organisations.

In reviewing the AWS configuration for security best practice we assess key areas including:

  • AWS tenancy
  • Underlying services
  • Instances
  • Objects
  • Networks
  • Databases
  • Other resources

The AWS Configuration Security Review assesses the security configuration and controls in use, and identifies gaps, overlaps, conflicts and unused features.

In addition, this review also helps an organisation to determine how effectively its AWS environment is utilised, and evaluate whether they are following proper security controls, privacy laws and secure deployment practices.

Cloud security experts at Kaon Security go the extra mile and associate the findings with their understanding of your on-premise infrastructure, in order to locate any additional risks or threats only active within hybrid environments.

Comprehensive reporting is provided including:

  • An executive report detailing the security posture of your AWS environment, underlying instances, services, applications, databases, storage buckets, and web applications.
  • A configuration export of the point in time AWS configuration baseline.
  • Various reports generated or extracted during the exercise.
  • Details on various configuration checks executed throughout the activity.
  • A tactical action plan detailing how to resolve issues.
development and operation teams working on AWS security configurations

Contact Us Today

Fill in the form below or call us on +64 9 570 2233