AWS Account Security

Struggling with these security concerns?

• ✓ Need optimal security for your AWS account
• ✓ Finding AWS account initial configuration complicated
• ✓ Concerned about unauthorized access and incident response
• ✓ Struggling with AWS security operations management

AWS security is achieved through mutual cooperation between AWS and users. The responsibility scope is defined by the Shared Responsibility Model. For example, with Amazon EC2, users are primarily responsible for layers above the OS, including the operating system (OS), middleware, and applications, while AWS is responsible for physical servers and data centers.

Our AWS Account Security service provides support for configurations and security measures that users are responsible for implementing under the Shared Responsibility Model.

Secure Account Service

Based on our experience supporting over 5,000 companies and 30,000 accounts, and following AWS's Shared Responsibility Model, we issue accounts with recommended security configurations for AWS usage. All customers who subscribe to our Classmethod Members (TH) receive our Secure Account Service free of charge, which includes support for correcting configuration errors and updates to AWS features and functionality.

Implementation of our Secure Account service establishes and maintains the following security environment. This configuration ensures an initial AWS Security Hub security score exceeding 90%.

Secure Environment Setup In One Click

We provide AWS accounts with optimized complex configurations including: AWS API audit logs, Configuration change logs, Password policies, Volume encryption, Block public access settings for object storage, Preventive monitoring, Incident alerts etc. Eliminate the complex design and implementation work - deploy over 100 best-practice settings with just one click.

This service is available free of charge for Classmethod Members (TH) subscribers.

Constant Secure Environment Maintenance and Updates to Latest Standards

You can choose which security settings to entrust to Classmethod for maintenance, based on your company's policies.

For the entrusted settings, we will regularly monitor configuration status and automatically repair any accidentally disabled security settings

Moreover, we will maintain secure configurations and automatically update settings to align with AWS Best Practices as AWS services evolve.

Enhance Security and Reduce Costs by Restricting Unused Regions

To apply security across an AWS account, security features must be enabled in all active regions to prevent potential exploitation by attackers and unauthorized resource creation. To address these challenges, the Secure Account service provides a 'Region Restriction Feature' that limits AWS access to only required regions.

The 'Secure Account Region Restriction' feature uses AWS Organizations' Service Control Policy (SCP) to fundamentally ensure security by restricting access to unused regions. This feature allows customers to enforce security in unused regions, guarantee overall account safety, and reduce security-related costs for restricted regions.

Customers can instantly activate or deactivate this feature through the Classmethod Members Portal. The changes take effect immediately and are fully applied within minutes. The 'Secure Account Region Restriction' feature can be implemented without additional fees.

Complete Security Support: From Incident Response to Prevention

We provide support for AWS security incidents and offer assistance in improving operations to prevent recurrence.