Stoïk's Cloud scan, in a few words
Stoïk Protect's Cloud scan monitors and analyzes the part of the insured company's infrastructure located in the Cloud.
The Cloud is a primary target for hackers, as it is an entry point into the information system: once they gain access, they can easily encrypt the information system and data. The Cloud scan is designed to slow down or even halt the progress of attackers.
Stoïk's Cloud scan, from a technical standpoint
The Cloud Scan is available on Amazon Web Service (AWS), Microsoft Azure and Google Cloud Platform (CGP). It analyzes elements of the Cloud configuration considered critical for cybersecurity, including:
- User access methods and rights: verifying that user rights and authentication methods are properly hardened.
- Password policy: auditing the password policy to ensure it is not overly permissive.
- Exposure of databases: confirming that databases are not publicly exposed on the Internet and analyzing access rights.
- Firewall rules: auditing access rules to the Cloud infrastructure.
- Backup policy: ensuring that certain backups are performed regularly.
The Cloud scan relies partly on two robust and complementary open-source tools – Scout Suite and CloudSploit – which have been refined by our teams of certified experts in Amazon Web Services Security Specialty and Google Cloud Platform Professional Cloud Security Engineer.
The Cloud scan is non-intrusive: Stoïk Protect only has read access to the Cloud infrastructure configuration to perform technical audits. Protect does not access the data stored in the Cloud – such as company data or emails – and cannot modify the infrastructure.