Security as Added Value When Planning a Cloud Migration Strategy

The benefits organizations derive from adopting a cloud migration strategy are driven by several compelling factors that are as diverse as the business’ motivation for moving into the cloud. Organizations are well-aware of cloud computing’s value proposition, such as reduced disaster recovery costs, improved architectural flexibility, zero capital expenses to build out a new data center, and much more. However, one of the less obvious and understood factors—yet one that cloud customers benefit greatly from—is improved infrastructure security.

Cloud Service Providers, such as Amazon Web Services (AWS), have demonstrated their commitment to security through achieving compliance with numerous external compliance programs. Additionally, in an effort to ensure that AWS customers are well-protected (Shared Responsibility Model), they have proactively published best practices, such as Security by Design (SbD) and AWS Security Best Practices, and have continued to deliver native AWS services to improve security operations (e.g. WAF, Inspector, Config, CloudTrail, etc.).

When Deltek acquired HRsmart (now Deltek Talent Management) they began to plan the migration of the application to AWS where Deltek has been offering SaaS solutions for more than six years. Deltek’s cloud architects designed a cloud architecture that leveraged AWS Security Best Practices and ensured that their cloud infrastructure was compliant with their own internal security standards. Deltek then engaged GuidePoint Security’s Cloud Security Practice to provide third-party assurance for the secure design their AWS architecture.

GuidePoint leveraged a custom solution consisting of automation, the AWS SDK, and AWS services to deliver a Cloud Security Health Check for Deltek’s AWS environment. The evaluation criteria for Deltek’s Cloud Security Health Check was based upon information security industry benchmarks, AWS Security Best Practices, and GuidePoint’s Cloud Security Framework. The GuidePoint Cloud Security Framework is used by GuidePoint to evaluate AWS environments against cloud security best practices defined by industry standards including the Cloud Security Alliance Cloud Controls Framework, the CIS AWS Foundations Benchmark, and more general standards, such as the PCI Data Security Standard.

By leveraging infrastructure security provided by AWS, utilizing the combination of GuidePoint’s expert security knowledge and cloud operations experience, and being armed with an understanding of the Shared Responsibility Model, organizations like Deltek are able to deploy to AWS with confidence.

Are You Playing Cybersecurity Checkers or Chess?

It is common knowledge that cybersecurity is no longer about protecting a defined perimeter with good firewalls and network defenses. With the rise of the mobile workforce and the threat posed by users’ bad cyber hygiene, it’s no longer simple in cybersecurity. In effect, the cybersecurity game has evolved from a game of checkers with queens (firewalls) and men (AV), to a more complex game that has rooks, kings, queens, pawns, knights and bishops. Each piece has a different skill set and value on the game board defending an organization’s data.

No longer do we protect the network from a singular ingress/egress point and end points with simple signature based AV. Today’s organizations’ IT infrastructure are accessed by users all over the world, outside the boundaries of an on-premise network and typical IT enterprises utilize efficient cloud technologies that extend networks beyond the control of brick and mortar data centers. The attack surface is difficult to ascertain much less defend against. We are no longer playing checkers; we are indeed in the more strategic and difficult game of chess.

This is clearly on display in the expo halls of the largest cybersecurity conferences the likes of RSA. Hundreds of companies are popping up often with valuable new and innovative ideas for CISOs and CIOs to consider. Each one is like a new game piece offering a different way to move around the cybersecurity board and checkmate the nefarious attackers trying to steal data from organizations. Today is an exciting time to be in cybersecurity, but it’s also daunting.

What organizations need is help navigating the wide array of options and assistance integrating and automating the many game pieces in today’s cybersecurity architectures. Simply sending out your knight and rook to protect a pawn without a coordinated plan will probably cost you all three pieces in chess. That’s what we at GuidePoint do every day.

Not only do we help navigate the many different product choices to find the most valuable, but we help organizations put together an architecture that establishes a plan of attack on the chess board with integration and automation to make each piece more effective. If you would like help with your cybersecurity chess game, contact us at

About the author:

Jean-Paul Bergeaux, Federal CTO, GuidePoint Security

With more than 18 years of experience in the Federal technology industry, Jean-Paul Bergeaux is currently the Federal CTO for GuidePoint Security. JP’s career has been marked by success in technical leadership roles with ADIC (now Quantum), NetApp and Commvault and SwishData. Jean-Paul focuses on identifying customers’ challenges and architecting innovative solutions to solve their complex problems. He is also is a thought leader on topics that are top of mind for Federal IT Managers like Cyber Security, VDI, Big Data, and Backup & Recovery.

GuidePoint Security Placed on CRN MSP 500 List for Excellence in Managed IT Services

GuidePoint Security recently made their debut on CRN’s elite 2017 Managed Service Provider 500 (MSP) list in the Managed Security 100 category.

The prestigious annual list is comprised of organizations that have demonstrated excellence in their Managed IT services and North American solution providers with cutting-edge approaches to delivering managed services. Their offerings help companies navigate the complex and ever-changing landscape of IT, improve operational efficiencies, and maximize their return on IT investments.

“GuidePoint’s vSOC Managed Security Services have experienced tremendous growth over the past two years and our inclusion on this list validates that the market is taking notice,” noted Justin Morehouse, GuidePoint Security’s Co-founder and Principal.

“We pride ourselves on our World Class customer satisfaction rating and believe that we are truly advancing the industry through our innovative approach to partnering with our customers to achieve their mission,” Morehouse said.

He cited GuidePoint’s exclusive managed services, Virtual Security Operations Center (vSOC) as one the best examples of the team’s coordinated efforts to level the playing field in terms of providing a customized solution that fits all budgets and organizational sizes, while identifying threats and vulnerabilities and creating a safer cyber environment.

“Managed service providers play an increasingly important role in the day-to-day operations of businesses across North America,” said Robert Faletra, CEO of The Channel Company. “MSPs help organizations streamline their spending, effectively allocate limited resources, and benefit from advanced expertise in the latest technologies. We congratulate the service providers on CRN’s 2017 MSP500 list, who have continually succeeded in meeting their customers’ changing needs and help them get the most out of their IT investments.”

CRN’s MSP 500 list shines a light on the most forward-thinking and innovative of these key organizations.

The list is divided into three categories: the MSP Pioneer 250, recognizing companies with business models weighted toward managed services and largely focused on the SMB market; the MSP Elite 150, recognizing large, data center-focused MSPs with a strong mix of on-premise and off-premise services; and the Managed Security 100, recognizing MSPs focused primarily on off-premise, cloud-based security services.

CRN® is a brand of The Channel Company.

The MSP500 list is featured in the February 2017 issue of CRN and online at

©2017. The Channel Company, LLC. CRN is a registered trademark of The Channel Company, LLC. All rights reserved.