Security

Akkodis AWS Cloud services takes sesurity as job zero, just as AWS does. Akkodis engineers to not just meet todays security requirements, but have the agility to adapt as requirements change and strengthen in future

Our team are experts in designing, reviewing and tuning security at different layers of the technology stack.

Security and transparency of operation is critical in all IT workloads, on cloud or off. With AWS, much of this is wrapped up in an API activity log service, AWS CloudTrail. Akkodis likes sending this log stream directly to separate, dedicated security logging accounts, were general administration staff can’t access logs. We’re also keen on using automated security log event identification and alerting in near real-time.

For secure interactive (AWS Web Console) access, we use and recommend FIDO2 physical multi factor authentication tokens for all master (root) account credentials, with federation of identity to your corporate directory (such as Active Directory by way of SAML federation) which may also implement an MFA policy for your administrative users.

Understanding these configurations, and working to ensure that the client’s security posture is maximised without unduly inflicting delay and complication on staff is important; we work with our clients and their existing IT security teams to help them understand any risks and benefits.

We’re fanatical about encryption, algorithms, ciphers, signatures, and validation. Akkodis’ cloud approach is to use only encrypted protocols for all data transfers, both in transit to/from the cloud, as well as intra-cloud. We love disabling old crypto protocols, using only the latest and strongest ciphers, ephemeral keys for forward secrecy protection, and strong chains of trust.

Akkodis loves helping our clients understand how this looks over time. With Akkodis, you can be as secure as your bank, if not more so.

Akkodis is keen to assist clients however they need. Here are some of the ways we’ve previously assisted clients:

Inspect, review and recommend changes for developers and release managers around Continuous Integration and Continuous Delivery, Development, API usage, API design, credential handling. Authenticating using two-way x509 certificate verification, and more.

Observe and inspect operational processes and procedures, recommending changes to improve security, logging, visibility, governance, and timeliness to mitigate potential future security considerations. Tuning and automating TLS Certificate issuance and renewal, TLS option configuration, etc.

Design and architect security frameworks around applications, including using single sign on technologies such as LDAP, SAML and other techniques, AWS IAM Roles and Policies, public/private asymmetric keys and key management, AWS Key Management Service, and more.

Akkodis can also be engaged to put cloud governance teams into your organizations, providing best practice and assistance to your existing development and line-of-business service teams. This service continually appraises, researches and improves your security posture over time, which is often overlooked in a project completion and migration to support approach to IT projects.

Akkodis maintains a number of staff holding the coveted AWS Security Specially Certification. This challenging certification is critical recognition by Amazon Web Services of Akkodis’ technical staff in the capability they bring to bear for our clients in the security space. Our team also hold many other industry and 3rd-party vendor security-releated certifications, professional memberships and more. Our security staff are well versed with decades of experience in security.

A number of our AWS certified engineers carry government security clearances. Akkodis maintains capabilities in selected countries to process additional staff into federal government security clearance levels.
Contact Akkodis to find out more