Experian Uses Automatic Remediation on AWS Config to Maintain a Secure Cloud Environment

2021

Experian, a global technology company and a leader in data and analytics, is committed to being an early adopter of technology that can improve the power of data for its clients and consumers. The company strives to be fully prepared to help clients and consumers take financial control and access financial services, make smarter business decisions, and prevent identity fraud and crime. As part of this, Experian needed a solution to help manage security alerts arising from its cloud environments. Experian also wanted to standardize and automate security protocols to address the root cause of the security alerts.
 
Experian turned to Amazon Web Services (AWS) for a solution and decided to use AWS-native security tools to monitor its configurations, using AWS Config, which lets users assess, audit, and evaluate the configurations of their AWS resources. By implementing a standardized security solution on AWS, the company has reduced its security alerts and can now more simply meet compliance standards while maintaining the flexibility to customize environments to best fit its clients’ needs.
Abstract image of person using a smart phone with data visualizations overlay
kr_quotemark
Standardizing our tooling and functional use cases would give our clients a single, more unified view from an application and a functional perspective, and that’s where AWS came in with the ideal services to support us in realizing that vision."

Neil Boulter
Global Director of Application Security, Experian

 

Seeking a Solution for Standardization

Experian uses technology and innovation to help modernize the credit reporting industry and satisfy the near-real-time data demands of consumers and businesses. To do this, the company had been operating many different cloud environments across multiple business units to afford its internal teams and customers the flexibility to customize functionality within their own environments. The result was having to manage security alerts across multiple environments. Experian’s global security team found itself spending its time remedying symptoms instead of the root cause of its security alerts. “The question became ‘How can we best give our clients the tools that provide them flexibility in their environments’ functionality without compromising security?’” says Neil Boulter, global director of application security for Experian.

Experian needed a solution that could help prevent security alerts by keeping all its cloud environments in a continual state of compliance and automatically take care of residual security alerts in near real time. “Standardizing our tooling and functional use cases would give our clients a single, more unified view from an application and a functional perspective, and that’s where AWS came in with the ideal services to support us in realizing that vision,” says Boulter.

Adopting a Centralized Structure for Cloud Environments

Experian made the decision to automate and standardize its cloud environments by implementing AWS-native security tools in March 2020, and it deployed its first environments within this centralized structure in July. Experian decided to use AWS-native security tools for the practicality of building on top of its existing cloud infrastructure, which uses Amazon Simple Storage Service (Amazon S3)—an object storage service that offers industry-leading scalability, data availability, security, and performance—among other AWS services. Using AWS-native security tools removed layers of management and maintenance for Experian as well as the need to abstract third-party tools.

Experian deployed the new security solution built using AWS in its centralized cloud environment called Experian Express Cloud (EEC). This deployment delivered automatic remediation of misconfigurations throughout all the EEC-linked accounts. To accomplish this, Experian used AWS CloudFormation, which lets users model, provision, and manage AWS and third-party resources by treating infrastructure as code. “At Experian, cloud security has been at the forefront for keeping our cloud environments compliant with enterprise standards,” says Vinay Rudrappa, director of cloud engineering services. “Enterprise cloud environments that are managed through automated policy-driven governance drive best practices in cloud operations, cloud financial management, and cloud security compliance,” says Reuben Landge, cloud security architect at Experian. So far, Experian has applied standardized security controls to over 400 of its accounts, and the number is continually growing.

Experian now has near-real-time visibility and automatic remediation of its cloud environments through AWS Config and AWS Lambda—a serverless, event-driven compute service that lets developers run code for virtually any type of application or backend service without provisioning or managing servers. By setting up AWS Lambda to automatically respond to real-time alerts from AWS Config, Experian has simplified the assessing, auditing, and remediating of its cloud resources to maintain desired configurations, which in turn simplifies cloud management and operational troubleshooting. The company has also built flexibility for its internal teams and clients into its automatic remediation by creating an exception process to policy enforcements. It uses AWS Systems Manager—a secure, complete management solution for hybrid cloud environments—to gain detailed information about the account when misconfigurations trigger a security alert.

Since Experian’s implementation of AWS tools and its environment standardization, its cloud security teams have been able to remain flexible and innovative. “Using AWS Config, we can automatically change the configurations that need remediation, so our teams can focus on applications and servicing their customers,” says Landge. By using AWS Config, Experian enjoys visibility and can correct misconfiguration in 2–5 minutes, compared to 24 hours using third-party tools.

By applying standardized cloud infrastructure, Experian decreased the number of security alerts in its Amazon S3 buckets by 80 percent from June to August 2021. Additionally, after implementing queue encryption remediation through Amazon Simple Queue Service (Amazon SQS)—a fully managed message queuing service—in October 2021, Experian saw an 80 percent reduction in alerts. This standardization has also made it simpler and faster for the company to spin up new environments and apply changes across existing ones, increasing scalability. The modularity of the security solution means Experian can reuse components and automate aspects of development, which saves engineers time.

Continuing to Reduce Security Alerts

Experian expects to see a continued decrease in security alerts, including a 27 percent reduction of alerts across EEC accounts within 1 month. Deploying AWS-native security tools across standardized cloud environments gives the company the ability to maintain the flexibility it likes to offer its customers while freeing Experian’s cloud security teams from constant manual remediation of alerts. “We can now go to our teams and say, ‘Here is a tool that can help you not only manage these alerts but also immediately reduce the number of alerts in your account by 80 percent,’” says Landge.

About Experian

Experian is a multinational consumer credit reporting company headquartered in Dublin, Ireland. It collects, aggregates, and analyzes data from over one billion people and businesses worldwide.

Benefits of AWS

  • Built a centralized remediation strategy for existing and new cloud accounts
  • Applied standardized security controls to 400+ accounts
  • Decreased Amazon S3 bucket security alerts by 80%
  • Corrects misconfigurations in 2–5 minutes, instead of 24 hours using third-party tools
  • Supports flexibility for internal teams and clients

AWS Services Used

AWS Config

AWS Config is a service that lets you assess, audit, and evaluate the configurations of your AWS resources. Config continuously monitors and records your AWS resource configurations and allows you to automate the evaluation of recorded configurations against desired configurations.

Learn more »

AWS CloudFormation

AWS CloudFormation lets you model, provision, and manage AWS and third-party resources by treating infrastructure as code.

Learn more »

AWS Systems Manager

AWS Systems Manager is a secure end-to-end management solution for hybrid cloud environments. AWS Systems Manager is the operations hub for your AWS applications and resources, and is broken into four core feature groups.

Learn more »

AWS Lambda

AWS Lambda is a serverless, event-driven compute service that lets you run code for virtually any type of application or backend service without provisioning or managing servers. You can trigger Lambda from over 200 AWS services and software as a service (SaaS) applications and only pay for what you use.

Learn more »


Get Started

Companies of all sizes across all industries are transforming their businesses every day using AWS. Contact our experts and start your own AWS Cloud journey today.