Change management process will route change requests to the most appropriate queue. Designated approvers can request additional information, reject or approve changes directly via email or from a mobile device.
Realtime Change Detection
CloudAware continuously monitors AWS, Azure, and Google accounts, operating systems, intrusion detection feeds, vulnerability scan results and trusted advisor violations. When a significant event happens a change management process is activated automatically. For example, if CloudAware detects that S3 bucket just became publicly accessible or an instance has not been scanned in WhiteHat for over 3 months, it will instantly fire off a change management process such as an approval request, email notification, new case or task.
Pre-configured Event Triggers
Defining triggers for every security sensitive operations is a daunting task. CloudAware roots come from 7 years of providing Cloud Management services to some of the largest AWS, Azure, and Google Cloud customers. Based on our experience from providing AWS, Azure, and Google Cloud managed services, we pre-configured over 100 policies that trigger change requests. Sample event triggers are creating an instance without required tags, missing backups on a database or not monitoring a production server. CloudAware will detect these conditions out of the box on day one.
Cloudflow Process Designer
CloudAware is built on top of force.com. Force.com includes highly functional and easy to use visual process designer. Using process designer, you can create advanced workflows like double approvals for new AWS, Azure, and Google Cloud AMIs or CloudFormation templates. Customer handlers to deal with rejections and approvals.
PCI and HIPAA Compliance
For every non-standard change that required a notification, approval or any other form of action, CloudAware will record who approved or rejected the change, who made the change, when and why. This information is stored in the auditbooks. Auditbooks is an actual electronic evidence necessary to comply with PCI section 2.2, HIPAA 164.308 and FISMA 3544.
Five Problems We Solve:
- 1Undetected and unreviewed changes.
- 2People not following change processes.
- 3Change requests assigned to wrong approvers.
- 4Slow approvals and review processes.
- 5Lack of audit trail who approved what change.