Protecting Personal and Sensitive Data in the Cloud
Endell enables customers to effectively and efficiently detect and respond to the evolving cyber threat landscape by protecting their information so they can operate safely online. Using proprietary technology that combines software engineering, data analytics and unique domain experience to create advanced cyber threat intelligence, analysis and alerting platforms Endell provides state of the art cyber protection online. As part of the rollout of services to one of their major financial services clients, Endell requested that HeleCloud assess the target operating model for this system on the AWS platform in detail against AWS security standards, PCI/DSS, GDPR, and industry best practices.
HeleCloud followed their comprehensive and rigorous methodology to assess the security posture of the system through a series of technical and business stakeholder interviews, as well as by using automated discovery and analysis tools. The analysis followed a holistic approach to security and assessed the target operating model from a people, processes, and technology perspective, ensuring that all strengths and potential weaknesses are identified at the individual control level and also in terms of overall protection efficacy. HeleCloud then created a detailed report that provided different views on the data, as well as maturity assessments against the standards, alongside recommendations for remediation for all the findings.
The approach and the actual report were specifically designed to address security and compliance aspects of the Endell system on the AWS platform, and the recommendations were actionable with a view of immediately addressing areas of concern. The Endell leadership team holds the protection of customer and end-user data to the highest levels. Having engaged with HeleCloud, Endell feel confident that this project has helped validate and improve the security and compliance of their system in the Cloud, and would highly recommend HeleCloud’s expertise, experience, security and compliance methodology, and approach to any organisation that is considering establishing presence for mission-critical systems and data on the AWS platform.