Change management process will route change requests to the most appropriate queue. Designated approvers can request additional information, reject or approve changes directly via email or from a mobile device.
Realtime Change Detection
CloudAware continuously monitors AWS accounts, operating systems, intrusion detection feeds, vulnerability scan results and trusted advisor violations. When a significant event happens a change management process is activated automatically. For example, if CloudAware Federal detects that S3 bucket just became publicly accessible or an instance has not been scanned in WhiteHat for over 3 months, it will instantly fire off a change management process such as an approval request, email notification, new case or task.
Pre-configured Event Triggers
Defining triggers for every security sensitive operations is a daunting task. CloudAware Federal roots come from 7 years of providing AWS managed services to some of the largest AWS customers. Based on our experience from providing AWS managed services, we pre-configured over 100 policies that trigger change requests. Sample event triggers are creating an instance without required tags, missing backups on a database or not monitoring a production server. CloudAware Federal will detect these conditions out of the box on day one.
Cloudflow Process Designer
CloudAware is built on top of force.com. Force.com includes highly functional and easy to use visual process designer. Using process designer, you can create advanced workflows like double approvals for new AWS AMIs or CloudFormation templates. Customer handlers to deal with rejections and approvals.
PCI and HIPAA Compliance
For every non-standard change that required a notification, approval or any other form of action, CloudAware Federal will record who approved or rejected the change, who made the change, when and why. This information is stored in the auditbooks. Auditbooks is an actual electronic evidence necessary to comply with PCI section 2.2, HIPAA 164.308 and FISMA 3544.
Five Problems We Solve:
- 1Undetected and unreviewed changes.
- 2People not following change processes.
- 3Change requests assigned to wrong approvers.
- 4Slow approvals and review processes.
- 5Lack of audit trail who approved what change.