Cloud Configuration Reviews


Most organisations store some of their data or applications in the cloud. For example:

While using cloud services can have many benefits, it’s important to make sure that the environments are setup properly to protect your data, and to make sure you understand what security guarantees the platforms provide versus what is still your responsibility.

How we can help

Pākiki can review your cloud environment and work with you to:

Note: Pākiki does not employ any cloud architects. We can’t advise on whether your application is well architected, is making the best use of platform features, or advise on the security, performance and cost tradeoffs between different approaches.


The particular methodology will vary depending on the particular cloud platform in use, however broadly speaking the methodology is:

  1. Information Gathering Understanding how you’re using the cloud, what type of data/applications you’re holding and what features of the cloud provider you’re using.
  2. Configuration Review Log in to the environment and check the configuration in line with industry benchmarks and/or government recommendations (EG. NZISM).
  3. Manual checks Review the permissions on the resources which fall outside of of the checks above.
  4. Provide advice Take the output of the above checks, and use our understanding of your business to provide practical, tailored advice on how you can improve your security.

The particular objectives of the engagement will be discussed during a scoping call, along with any limitations, or resources which should be explicitly in or out of scope.

Get in touch

We’d love to hear more about your cloud environment or project, and to discuss how we can help.