High Compliance

Adopting a standard, a framework or best practices provides great benefits for organizations adding predictability, standardization, security, etc. But monitoring and ensuring compliance can be a costly, time-demanding, and team effort challenge. StackZone not only helps organizations align to

standards and best practices but provides monitoring and restrictions capabilities to help the infrastructure team ensure continuous compliance. This is done by implementing improvements and remediations through automation in a fraction of the time and cost of manual implementation.

Multiaccount LandingZone

As part of StackZone implementation, and as set by cloud best practices, StackZone deploys a multi-account landing zone improving the organization's management capabilities. When talking about compliance, managing access, monitoring and standardizing are clue factors to remain aligned.

image.png

StackZone Multiaccount LandingZone

The Core accounts deployed by StackZone are the Primary, Log Archive, Security, Networking and Shared Services accounts.

Even though this infrastructure as a whole helps the organization to remain compliant the accounts directly involve in High Compliance are:

Primary Account: Centralised and secure management of access is a basic request on every standard. StackZone implements Single Sign-on with Multi Factor authentication in all the organization's environments centrally administered from the Primary account.


Security Account: This account hosts all the security services oriented to provide the infrastructure and security team

monitoring accesses, monitoring security, and security assessment capabilities.

 

Shared Services: Standardizing your deployment is essential when talking about compliance. StackZone's EC2 Builder on the share services Account, allows your infrastructure team to organize, validate, secure and enforce the AMIs in use across your organization.

GuardRails

StackZone easily implements Service Control Policies to ensure your environments remain compliant with standards and internal policies.

Captura de Pantalla 2022-05-31 a la(s) 10.44.18.png

StackZone GuardRails

Service Control Policies: SatckZone will help the infrastructure team by ensuring every instance has the right tag and/or ensuring only compliant services can be deployed in the organization by simply enabling Tagging, HIPPA, PCI DSS, SOC, or machine learning guardrails.

Baseline Services

Stackzone Baseline services are AWS services configured and orchestrated by StackZone that ensure your resources configuration is compliant.

Captura de Pantalla 2022-05-31 a la(s) 10.43.46.png

StackZone Baseline Services

Monitor your resources configuration with our 51 compliance related config rules.

 

Every standard and best practice framework requires backup, ensure your information is backed up in just a couple of clicks by simply configuring AWS Backup on StackZone's console.

Instantly solve non-compliant resources through automation with our 11 compliance-related remediation rules.

Deploy compliant infrastructure using our Service catalog portfolios as well as StackZone's auto-tagging features.