Cloud: AWS
Responsibility: Project Delivery
A UK-based pharmaceutical company migrated its infrastructure to Google Cloud to enhance scalability and flexibility. However, with rising concerns over data security in the pharmaceutical industry, the company required a comprehensive security assessment to identify vulnerabilities in its cloud architecture. firecaat was engaged to conduct a security gap analysis, focusing on the company’s VPC, Cloud SQL, App Engine, and Load Balancer.
Firecaat conducted a security audit and identified critical gaps in the infrastructure, including public IP exposure, outdated VM images, default service accounts, and disabled Shielded VM in Compute Engine. Cloud SQL had public/private IP assignments, outdated PostgreSQL versions, and lacked encryption. Cloud Storage lacked lifecycle policies, object versioning, and CMK encryption. VPC & Networking had disabled VPC Flow Logs and open firewall rules, while App Engine required HTTPS verification. To mitigate risks, Firecaat recommended using private IPs, updating VM and Cloud SQL versions, replacing default service accounts, enabling Shielded VM, implementing CMKs, setting lifecycle policies, enabling object versioning, activating VPC Flow Logs, restricting firewall rules, and verifying HTTPS in App Engine.
By applying these recommendations, the pharmaceutical company significantly strengthened its security posture. Sensitive data was protected, compliance with industry regulations was ensured, and the risk of security breaches was minimized. Firecaat’s actionable recommendations helped the client enhance its Google Cloud infrastructure and overall security.
Ready To Take The Next Step In Your Digital Transformation Journey? Firecaat Is Here To Provide Tailored Solutions That Empower Your Business And Drive Growth.
Let's Get Started