How does the connection of the tool work?

For the connection, only a few configuration steps need to be carried out on the client side, such as setting up the necessary authorisations. In order to connect the required cloud platforms, there are instructions that guide easily through the process.

What impact will the scan have on my cloud environment?

The Cloud Compliance and Security Inspector only receives read access to the cloud environment. Performance losses or deterioration of the user experience are excluded.

How can clients use the tool?

Clients can choose between four models: Baseline check: quick assessment of 5 cloud security domains Full-scope assessment: a fully comprehensive cloud assessment with detailed risk analysis and management report Managed Service: assessments as a Managed Service by PwC with regular benchmarking and reporting Software-as-a-Service solution in a licence model: access to the tool for own assessments

What happens with the data in the Cloud Compliance and Security Inspector?

At the application level, only the login data (e.g. user ID) is processed in the tool. Data processing is carried out on databases which, like the tool itself, are hosted in the German PwC infrastructure. These instances can only be accessed via itself. Personal data is not transferred to different countries.

Can the controls be flexibly adapted to the clients' needs?

The integrated benchmark can be edited individually. In addition, the import function offers possibilities to adapt the controls to be audited to one's own company needs.

Cloud & Digital

Risk & Regulatory

Cloud Compliance and Security Inspector

Assess and monitor cloud security in your cloud environment

How secure is your cloud?

The diversity of cloud services leads to a very high level of complexity in the IT landscape. Each cloud provider, such as Azure or Amazon, has its own unique security features using different technologies. However, checking for misconfigurations is very time-consuming and complex. Especially when using multiple cloud services, it is difficult to control and manage security.

Benefits

650 +

Configurations

Hundreds of security-relevant configurations can be checked with the Cloud Compliance and Security Inspector in the form of automated assessments.

10 +

Benchmarks

In addition to industry standards such as NIST SP 800-53/CSF, ISO27001 and CIS, benchmarks can be customised to meet the needs of individual users.

- 80 %

Security Incidents

Using a CSPM tool can reduce cloud-based security incidents due to misconfiguration by up to 80 percent.

The solution for your cloud security

The Cloud Compliance and Security Inspector can be used for continuous monitoring of compliance with standards and requirements as well as user and authorisation audits.

Automated monitoring

Automated monitoring of the multi-cloud environment provides real-time insights, showing status and details of the cloud environment's security controls. Controls of different domains are considered, such as identity and access management, data security, infrastructure security, logging and monitoring.

Benchmarking and scoring model

Our tool checks the compliance of the cloud environment with various standards, including NIST, CIS, ISO as well as self-generated independent PwC Good Practices. Thanks to a uniform, in-house developed scoring system, comparable assessment results on the security of the cloud environments of different cloud providers are made possible.

Holistic view of the cloud

In addition to the automated benchmarking of the technical security configurations, the associated higher-level processes are identified, analysed and evaluated. This ensures a thorough holistic view of the cloud environment.

Integrated and diverse controls

With our tool, you can audit user as well as privileged accounts and keep an eye on compliance status. Hundreds of built-in, automated controls are available in a flexible and customisable way – along with the development of your own controls based on your individual requirements.

Management report and quick wins

The comprehensive reporting gives you detailed insights into the security of your multi-cloud environment. This includes both easy-to-implement quick wins and long-term strategic recommendations. We use the results to create a roadmap tailored to your needs.

In the Spotlight

Independent consultation

PwC advisory services are independent of cloud providers and conducted by certified experts. Our recommendations are always risk-based and tailored to your specific needs.

Full-Stack Cloud Security

Our experts support you in establishing the necessary measures to protect your cloud environment. In doing so, we take into account the risk profile of your company and the security requirements necessary for your systems and data.

Pricing

You have questions or would like more information about the Cloud Compliance and Security Inspector?

Contact our experts now

This might also be interesting for you:

globalDoc Solution®: Consistency, compliance and efficiency for your transfer pricing documentation

Learn more

Piracy Detection Tool: Protection against product piracy

Learn more

Data Protection Manager: Data protection made simple

Learn more

External Data Protection Officer (eDOP): Professional support in data protection

Learn more

Cloud Compliance and Security Inspector

How secure is your cloud?

Benefits

The solution for your cloud security

Automated monitoring

Benchmarking and scoring model

Holistic view of the cloud

Integrated and diverse controls

Management report and quick wins

In the Spotlight

Independent consultation

Full-Stack Cloud Security

Pricing

FAQ

Downloads

One Pager

Brochure

You have questions or would like more information about the Cloud Compliance and Security Inspector?

This might also be interesting for you:

How secure is your cloud?

Benefits

The solution for your cloud security

Automated monitoring

Benchmarking and scoring model

Holistic view of the cloud

Integrated and diverse controls

Management report and quick wins

In the Spotlight

Independent consultation

Full-Stack Cloud Security

Pricing

FAQ

.__m__-Rld6tlllrlfdtlddklbm{font-size:calc(1rem * var(--mantine-scale));}@media(min-width: 62em){.__m__-Rld6tlllrlfdtlddklbm{font-size:calc(1.125rem * var(--mantine-scale));}}How does the connection of the tool work?

.__m__-Rldatlllrlfdtlddklbm{font-size:calc(1rem * var(--mantine-scale));}@media(min-width: 62em){.__m__-Rldatlllrlfdtlddklbm{font-size:calc(1.125rem * var(--mantine-scale));}}What impact will the scan have on my cloud environment?

.__m__-Rldetlllrlfdtlddklbm{font-size:calc(1rem * var(--mantine-scale));}@media(min-width: 62em){.__m__-Rldetlllrlfdtlddklbm{font-size:calc(1.125rem * var(--mantine-scale));}}How can clients use the tool?

.__m__-Rlditlllrlfdtlddklbm{font-size:calc(1rem * var(--mantine-scale));}@media(min-width: 62em){.__m__-Rlditlllrlfdtlddklbm{font-size:calc(1.125rem * var(--mantine-scale));}}What happens with the data in the Cloud Compliance and Security Inspector?

.__m__-Rldmtlllrlfdtlddklbm{font-size:calc(1rem * var(--mantine-scale));}@media(min-width: 62em){.__m__-Rldmtlllrlfdtlddklbm{font-size:calc(1.125rem * var(--mantine-scale));}}Can the controls be flexibly adapted to the clients' needs?

Downloads

One Pager

Brochure

You have questions or would like more information about the Cloud Compliance and Security Inspector?

This might also be interesting for you: