Securing our internal environment

The foundation of our approach to security is keeping our own internal environments secure.

Building security into our architecture

At Culture Amp, we have a modern, cloud-native architecture which has enabled us to build security into infrastructure and applications from the ground up rather than as an afterthought, as security is an inherent part of the development and deployment process

We have controls that are largely automated and embedded within our cloud environments; for example all privileged access into our cloud platforms is facilitated via a robust Just in Time (JIT) based approval and provisioning workflow allowing timeboxed, legitimate privileged access that is timeboxed and deprovisioned automatically. Our automated controls are implemented using DevOps tools and processes allowing us to take advantage of cloud services and capabilities, and build in secure defaults.

Securing our endpoint devices

At Culture Amp we employ a comprehensive endpoint security approach that integrates several advanced technologies to protect our Campers regardless of their location. Our Endpoint Detection and Response (EDR) system continuously monitors and responds to potential threats and, with 24/7 managed proactive threat hunting, ensures swift detection and mitigation of endpoint security incidents. To safeguard internet usage, Culture Amp employs Secure Web Gateway capabilities to protect against malicious or unauthorised web content.

Continuous monitoring is fundamental to our endpoint security approach, providing real-time insights and alerts on endpoint activities with key indicators centralised in our SIEM for further investigation and correlation against other sources.

Ensuring secure access to our ecosystem

At Culture Amp, securing access to our environment is a top priority. We have adopted a zero trust security model which assumes that threats can originate both outside and within our network boundaries.

User accounts are provisioned and terminated automatically via our HR information system and in accordance with the principles of least privilege. Access to elevated privileges is controlled and provisioned via an automated Just in Time approval and provisioning process with oversight from the Security function.

The creation, storage, and use of access keys is tightly controlled and monitored with integrated detection and response processes in place to identify malicious use or compromised credentials.

Security in our day-to-day operations

Integrating cybersecurity seamlessly into our daily operations is a key priority for the Culture Amp team. In a dynamic environment like Culture Amp’s, it is necessary to embrace embedding security measures early in the development lifecycle and automating the deployment and enforcement of key controls. We enforce robust requirements for the identification and classification of assets, services, and data, and automate the hardening of services to ensure that they are consistent and comply with our security policies. This standardised configuration helps to prevent misconfigurations that could lead to security breaches.

Culture Amp has established a common architecture for log shipping which allows for the rapid ingestion of relevant logs in our centralised Security Information and Event Management (SIEM) system. These security signals enable intelligence-driven detections, highlight potential indicators of compromise, and allow for continuous real-time monitoring and the rapid identification of anomalies and trends. This centralised logging and monitoring framework enhances our ability to respond to incidents promptly, ensuring the security and integrity of our operations and data.