nClouds AWS Case Study
Aberrant
nClouds helps leading cybersecurity and compliance company build a secure, compliant and cost-effective GovCloud architecture for their information security management platform.
“nClouds proved to be an invaluable partner for us. Their engineers have extensive experience working with FedRAMP and building infrastructure-as-code (IaC) deployments.”
Benefits Summary
%
Reduced Time to CMMC Compliance
Enhanced Operational Efficiency through Automation and Centralized Governance
Strengthened Data Security and Disaster Recovery Capabilities
Reduced Time and Effort for Compliance Checks and Remediations
Streamlined Deployment Processes Across Multiple Accounts
About Aberrant
Founded in 2021, Aberrant provides the software that enables organizations to establish a system of record for their cybersecurity program.
The Aberrant platform is an innovative software Information Security Management Platform, designed to simplify security management for Managed Service Providers (MSPs) by providing increased operational visibility and enhanced decision information for security operations while automating evidence collection and serving as the centralized system of record for security and privacy.
Industry
Managed Cybersecurity Services, Security
Location
Florida, USA
featured services
Interested in additional services from Clouds?
Challenge
nClouds partnered with Aberrant to design and implement a secure, compliant, and cost-effective AWS GovCloud architecture for their platform.
Align with NIST SP 800-171r2 security controls and replicate their existing infrastructure while meeting stringent security standards and ensuring CMMC compliance through Infrastructure as Code (IaC) artifacts.
Set up a GovCloud account, navigating significant challenges due to complex regulatory landscapes and strict security mandates for federal data.
Compliance with frameworks like FedRAMP, requiring a thorough understanding of technical and legal obligations, extensive documentation, risk assessments, and strong security measures.
Achieve CMMC (Cybersecurity Maturity Model Certification) compliance, challenged by complex requirements, meticulous implementation and documentation of cybersecurity practices, and detailed evidence of compliance for the audit process.
Why AWS and nClouds?
Aberrant had already committed to AWS for its platforms and sought to enhance its existing environment for GovCloud security and compliance. By leveraging AWS Config Conformance Packs, the company benefits from a robust compliance framework that allows for the creation of security, operational, and cost-optimization governance checks through managed or custom AWS Config rules and remediation actions. Automating CMMC compliance checks and remediations with AWS significantly reduces time and effort compared to manual processes.
nClouds, as an AWS Premier Tier Services Partner with extensive expertise in security and compliance, offers significant advantages. They alleviate compliance challenges by guiding organizations through GovCloud account setup and CMMC certification readiness, streamlining compliance processes, implementing best practices for data security, and providing ongoing support. nClouds also evaluates current cybersecurity practices and delivers tailored solutions to ensure all necessary controls are in place, enhancing audit readiness for CMMC certification.
“I cannot recommend nClouds highly enough. Their technical expertise, commitment to excellence, and collaborative approach sets them apart from other companies in the space.”
Strategy and Solution
nClouds collaborated with 360 Advanced to build and deploy a secure, compliant, and cost-effective AWS GovCloud architecture for their Aberrant platform under NIST SP 800-171r2 security controls. This involved the following:
GovCloud Provisioning and Configuration
GovCloud accounts and configurations were set up to create a baseline infrastructure using the AWS Control Tower Landing Zone Accelerator (LZA), which includes Account Factory for Terraform. The LZA deploys foundational capabilities that adhere to AWS best practices and various global compliance frameworks. All components were built through infrastructure as code (IaC) from git-based repositories. A new multi-account environment was set up with baseline services like GuardDuty, Security Hub, and AWS Config, and networking components such as VPCs and Transit Gateway were created.
CMMC Level 2 Compliance
CMMC readiness was achieved within the new 360 Advanced GovCloud accounts by creating IaC artifacts that configure various security requirements, including Access Control, Awareness and Training, Audit and Accountability, Configuration Management, and more. nClouds set up AWS Config conformance packs to scan and remediate environments for compliance.
Aberrant Deployment Workflow
nClouds aided with the creation and extension of CI/CD processes into GovCloud to support the Aberrant platform.
Aberrant Workload Migration
nClouds assisted with the modification and deployment of the Aberrant ECS workloads into GovCloud.
CMMC Level 2 Compliance
CMMC readiness was achieved within the new 360 Advanced GovCloud accounts by creating IaC artifacts that configure various security requirements, including Access Control, Awareness and Training, Audit and Accountability, Configuration Management, and more. nClouds set up AWS Config conformance packs to scan and remediate environments for compliance.
Aberrant Deployment Workflow
nClouds aided with the creation and extension of CI/CD processes into GovCloud to support the Aberrant platform.
Aberrant Workload Migration
nClouds assisted with the modification and deployment of the Aberrant ECS workloads into GovCloud.
Results + Benefits
The collaboration between nClouds and Aberrant yielded results aligned with the AWS Well-Architected Framework:
Operational Excellence
Aberrant was already using IaC tools, and nClouds added remediations through a new Terraform repo with an associated CI/CD pipeline. LZA is also IaC and deployed via CodePipeline.
Security
nClouds helped set up a new GovCloud account for the Aberrant platform, and the environment and pipelines created reduced time to CMMC by about 85%.
Reliability
AWS Backup was implemented for the new environments.
Performance Efficiency
nClouds collaborated with Aberrant to use AWS ECS with Fargate to enhance performance efficiency
Sustainability
Lifecycle policies were implemented on S3 buckets to reduce storage, and unnecessary resources were removed as part of CMMC remediations, fostering a more sustainable cloud environment.
Business Benefits
The business benefits of this solution are multifaceted and contribute to improved compliance, operational efficiency, and data security:
- AWS Config conformance packs offer a simplified view of compliance status for various frameworks, aiding audit preparation.
- AWS Control Tower allows for centralized governance, ensuring consistent enforcement of security policies.
- The Landing Zone Accelerator (LZA) automates account creation and enables essential services, reducing workload.
- Implementing AWS Backup plans ensures robust data protection and enhances disaster recovery.
Together, these components create a resilient and compliant cloud infrastructure that supports strategic business objectives, reduces operational overhead, and fosters a culture of data stewardship and security.
technical Benefits
The technical benefits of this solution significantly enhance the security, compliance, and management of cloud environments:
- AWS Config Conformance packs automate compliance checks against standards like CMMC and FedRAMP.
- AWS Control Tower provides preconfigured controls for quick implementation of best practices.
- Centralized logging from services like GuardDuty, Config, and CloudTrail offers a comprehensive view of security and compliance.
- Federated access management through IAM Identity Center enhances security by streamlining user access.
- CodePipeline with LZA simplifies deployment of changes across multiple accounts.
- Deploying AWS WAF with Load Balancers fortifies applications against web-based attacks.
Overall, this solution fosters a robust, compliant, and secure cloud infrastructure, enabling organizations to efficiently manage their AWS environments.