Cloud Security Architecture Assessment
Cloud Security Architecture Assessment ⫘
Important
The service listed above is only available to any customer for whom IMR was quoted on or before to March 31, 2022, and that customer executed a Transaction Document for the IMR within 90 days of the quote. By selecting this Service, Customer acknowledges and agrees that, notwithstanding anything to the contrary set forth in Customer’s agreement with Secureworks, Secureworks may subcontract these Services to Insight Direct USA, Inc., provided that, Secureworks will remain responsible for the performance of the Services to the same extent that it would be liable for its own acts or omissions.
Service Overview ⫘
Secureworks will assess your cloud security controls and cloud security architecture as related to cloud security best practices based on Secureworks custom-defined standards, which uses aspects of the Cloud Security Alliance Cloud Controls Matrix, National Institute of Standards and Technology (NIST) standards, and Secureworks experience.
Service Methodology ⫘
Secureworks will use a comprehensive approach to review your cloud security controls and architecture, providing you with advice and recommendations in conjunction with the assessment. The assessment process consists of the following:
- Initial Meeting: Secureworks will contact you to schedule the initial meeting in which we will discuss goals and objectives to assess security controls, roles and responsibilities, scope definition, project schedule, and report requirements.
- Assessment: During the assessment, a Secureworks consultant will conduct activities (such as interviewing your personnel) related to assessing your security controls. The assessment will be conducted on-site at a customer-designated location. Your in-scope policies, standards, guidelines, procedures, and other documentation will be validated against security best practices.
- Concluding Activities: During the three-week period after conclusion of the assessment, Secureworks will analyze documentation that you provided as related to cloud security best practices and conduct additional discussions and activities with your subject matter experts as needed.
Outcome ⫘
You will receive a report that includes the following:
- Analysis of your security controls and documentation as related to cloud security best practices
- Identified gaps in your security controls
- Prioritized recommendations for improvement based on your risk profile, goals, and resources
Secureworks may also deliver an optional executive presentation to discuss the assessment and report.
Scope and Service Units ⫘
| Scope | Description | Service Units |
|---|---|---|
| Small | 1 Cloud Environment (AWS, Azure, or Office 365) Up to 5,000 Employees |
28 Executive Presentation can be added (requires 4 Service Units) Additional Cloud Environments or Cloud Assets can be added (requires more Service Units) |
| Medium | 1 Cloud Environment (AWS, Azure, or Office 365) Over 5,000 Employees |
40 Executive Presentation can be added (requires 4 Service Units) Additional Cloud Environments or Cloud Assets can be added (requires more Service Units) |
| Large | Up to 2 different Cloud Environments (AWS, Azure, or Office 365) Up to 5,000 Employees |
48 Executive Presentation can be added (requires 4 Service Units) Additional Cloud Environments or Cloud Assets can be added (requires more Service Units) |
Scheduling and Booking Information ⫘
See Service Scheduling for information about scheduling this service.