Blue Sentry Cloud Ensures Security and Compliance

Lee Hylton / January 19, 2021

Security is on everyone’s mind these days. If you are responsible for managing an IT environment or deploying new products, security is likely a critical consideration for your company. Of course, the daily headlines about security breaches and new threats would unsettle even the most seasoned IT manager.

At Blue Sentry Cloud, security is built into everything we do — even in our name. A “sentry” is a soldier who stands guard and controls access to a valuable resource. We are named Blue Sentry Cloud because we were created to help organizations take full advantage of cloud infrastructure, while ensuring their security.

We want you to be able to confidently build your environment and deploy new products with the knowledge that your cloud infrastructure is designed with security and safety built in. That’s why we’re devoted to working with you to reshape your applications into cloud-native architectures that are built from the start to be secure.

Whether you are migrating or launching greenfield environments, your cloud infrastructure is simply as secure as its design supports. We incorporate security at each step, applying cloud best practices and utilizing an Infrastructure as Code (IaaC) approach to build your cloud infrastructure ensuring that your environment is secure from day one. Blue Sentry Cloud can guide your team through this process and provide training and knowledge transfer or, if you do not have an internal cloud infrastructure and security expert, we can fully support your environment for less than the cost of an internal FTE. Don’t journey through the pitfalls of cloud infrastructure security without an experienced partner. Blue Sentry supports and secures hundreds of client environments, most having high compliance burdens such as HIPAA, PCI, fedRAMP and other regimes.

Our Process

Starting with the tools that AWS makes available to all customers, our templates take advantage of services for security, monitoring, scalability, reliability, and fault-tolerant architectures. AWS provides a number of industry-leading security and monitoring services, including GuardDuty, Control Tower, CloudWatch, Config, and Inspector. These are all powerful tools when properly configured and used in concert. We work with organizations to ensure that they have the right suite of tools, properly configured, and incorporated into all instances.

We achieve this by adhering to a strict Infrastructure as Code (IaaC) approach and treating our customer’s infrastructure components with the same rigorous testing and peer-reviewed commits that are best practices for application code. In our source controlled IaaC repository, each new change to the environment is tracked and double peer-reviewed before any commit is made to the master branch.

Using Terraform as our base, Blue Sentry Cloud maintains a repository of templates that are tested, as well as, proven architecture designs that are designed for compliance with PCI, HIPAA, FedRamp, ISO, and other regulatory requirements. Each of these templates can be used as the bedrock foundation for our customers’ environments, allowing us to help you build and tweak the environment to your specific needs while maintaining best practice standards for security, reliability, cost optimization, and performance.

As an AWS Premier Consulting Partner certified to perform Well-Architected Reviews based on the AWS Well-Architected framework, Blue Sentry Cloud has extensive experience in the identification and remediation of infrastructure shortfalls. Using this knowledge, we are able to build new customer environments correctly from the beginning. This avoids many of the problems that we see in the outside environments that we review. Using a templated, IaaC approach designed to meet or exceed AWS’s exacting standards, new environments built by Blue Sentry feature architecture that supports best practices for each of the five pillars of the Well-Architected framework: Security, Reliability, Operational Excellence, Performance Efficiency, and Cost Optimization.

In addition, Blue Sentry Cloud works with several attestation partners who assist our customers in achieving certification for all relevant regulatory platforms and regimes. We regularly help shepherd our clients through the certification and attestation process for PCI, HIPAA, ISO, and FedRamp requirements. We can also work with any compliance attestation partner the client may choose.

Blue Sentry Cloud also applies automated tools to give us a real time picture of compliance with the well-architected framework. These tools monitor and help ensure that environmental security is maintained at the application, network, and container level Blue Sentry is an audited AWS Managed Service Partner. All Blue Sentry MSP customers automatically get these reports free of charge (a sample of the dashboard follows).

Blue Sentry Cloud Ensures Security and Compliance

We work with you to ensure that your compliant environments remain compliant. Our engineers regularly provide formatted reporting for your review to ensure that all parties have a clear view of the current compliance state.

Have peace of mind that your environment is securely architected. Let Blue Sentry show you how. Contact us today for more information.