Grey Cloud on a grey background

Play it safe with an AWS Security Assessment

Analyze and improve your cloud security with a Security Assessment for AWS

April 06 2023John Mathew George

Do you trust your AWS cloud security?

Modern cloud services from Amazon Web Services deliver what they promise: they offer many opportunities to digitalize and automate your business processes and deploy innovative solutions. But at the same time, many users are still skeptical about the security of their AWS environment and sensitive data. Hand on heart: Do you have an overview of your security posture? A security assessment specifically for the AWS cloud is an excellent way to find out.

Cloud skills are increasingly in demand

2 Colleagues standing in a Server Room.

In many companies, the shortage of IT specialists in the labor market is keenly felt. A study by Bitkom confirms the dearth of talent: Germany now has a shortage of more than 137,000 IT specialists across all sectors. The deficit is particularly pronounced in specific areas, such as cloud security. In short, many companies lack the in-house expertise to identify and address security vulnerabilities or compliance violations.

Avoid the cloud crash landing

The shortage of IT experts has consequences: As studies show, the number of security incidents triggered by cloud is increasing. The same is true for government-registered personal data breaches. And that's just the tip of the iceberg, as countless security breaches go unreported. The reasons can be misconfigurations, hotfixes, and patches, which can become a risk and leave you vulnerable over time.

In a highly competitive market environment, companies are under pressure and often rush into the cloud adventure without taking the necessary security precautions. It is in every company's interest to implement strong cloud security: The unavailability of systems has negative consequences for the business, and, in the worst case, security vulnerabilities can lead to eye-watering fines and reputational damage.

The AWS shared responsibility model

Certainly, AWS is one of the most secure cloud computing solutions currently available; it is the only commercial cloud vetted and accepted as safe enough for highly sensitive, top-secret workloads. But setup and configurations are diverse, and last but not least, cyberattacks are increasing in both scale and sophistication.

AWS takes a shared responsibility approach to security. Amazon Web Services takes care of the security of the cloud infrastructure, and the user company – the AWS account owner, is responsible for the security when running services and applications in the cloud. So, don't leave your security posture to chance. Put the security and compliance of your AWS cloud environment through its paces by testing it.

A comprehensive analysis is a good start

The cloud landscape constantly evolves, and the legal situation is complex, especially if your operations span multiple countries and service providers. Consequently, it is becoming increasingly difficult to keep track of everything. By investing in security and data protection (ideally at an early stage), you will generate trust among your customers. But where do you get the expertise you need – and what is the first logical step?

A security assessment with an experienced partner is a good start: It sheds light on your IT and cloud infrastructure and checks for conceptual or technical security gaps. An analysis by cloud security specialists also gives you valuable advice on your next steps for working in a secure AWS environment in the future. And that is certainly cheaper than a hasty start with a crash landing.

Achieve certainty – plan sensibly

With a security assessment, you identify and evaluate potential risks. As a result, you can derive specific recommendations depending on the application architecture and the AWS services used.

An assessment should typically include three phases – preparation, implementation, and presentation:


▪ What are the requirements and challenges?

▪ Are there domains/topics that should be given special attention?

▪ What are the known problems, if any?


An analysis of the current state:

▪ An on-site interview to determine the current security level in organizational and technical domains

▪ An assessment of the current state and subsequent gap analysis


▪ Creation of the results

▪ Presentation of results (on-site or remotely)

▪ Handover of the results

An impartial view of your AWS security

Qualified partners with an ‘external view’ offer a professional and independent expert opinion. It is best to use AWS-certified security experts for this purpose. They would address the following focal points in detail during the assessment:

  • General security
  • Data protection
  • Infrastructure security
  • Identity and access management
  • Detective controls
  • Incident response

Actionable information and advice

Ideally, the results will produce a report summarizing the most important findings. As well as listing the security vulnerabilities, it prioritizes them according to relevance and outlines the effort required to fix them. The report gives you a basis for deciding how to increase the level of your AWS cloud security. In practice, vulnerabilities often show up that can be quickly fixed with a few mouse clicks, such as incorrect configuration settings. You just need to know where - that's exactly what the analysis does. Ultimately, you are well prepared to maneuver securely through the cloud.

Check regularly

After the game is before the game – what is true in football also has its meaning for security assessments. AWS rolls out new features and changes its platform almost daily. With cloud-native methods and weekly or even daily software updates, companies add their very own dynamic. Employees taking care of the workloads come and go. Even if security checks are integrated into standard processes everywhere, a regular (annual) AWS Cloud Security Assessment is worthwhile in view of thousands of changes.

Experienced partner for cloud security with AWS

T-Systems is an AWS Premier Consulting Partner with special Security Competency and a validated provider for AWS Security Assessments through AWS Professional Services. Over 600 certified AWS experts have many years of extensive experience in AWS, including in the security area. T-Systems is also approved for ProServe Security offerings: This makes T-Systems one of the few AWS partners allowed to advise and sell the products with a high-security scope.

About the author

John Mathew George

Lead Security Architect for AWS, T-Systems International GmbH

Show profile and articles

You might also be interested in

Do you visit t-systems.com outside of Germany? Visit the local website for more information and offers for your country.