CASE STUDY
Data security in a
multi-cloud environment
This US-based data intelligence platform was experiencing strong growth, resulting in significantly more customer data being stored in the cloud. As the company approached the 400-employee mark and began to feel more pressure on its cybersecurity team, the time came to sunset in-house tools developed on open-source offerings and deploy a solution that would make it easier to maintain a strong security posture over a sprawling multi-cloud estate.
Challenges
Over-reliance on in-house developed tools that needed maintenance and investment
Mix of technical and not-so-technical stakeholders involved in chain of command
Growing multi-cloud environment (AWS, Azure and Google Cloud), including Kubernetes infrastructure
Increasingly complex data inventory
Rapidly expanding team resulting in tedious and time-consuming cloud access reviews
Increasing workload for cybersecurity team – more data to secure, more assets to manage, more tasks to perform
Additional compliance overheads as the business required more robust accreditations including ISO 27001 and SOC2 Type 2
Results
Single-pane-of-glass view across the multi-cloud estate, no tool-hopping for different clouds
Visibility of all data stores across all environments and status (e.g. is it encrypted or publicly accessible?)
Intuitive visualization of how data flows, how it is used, and who (users, applications or machines) has access to it
Ability to group infrastructure by different clouds, different customers
Automated misconfiguration detection, enhanced confidence through real-time security monitoring
Compliance posture monitoring against CIS Benchmarks, including Kubernetes
Exportable reports to be shared with other stakeholders, including remediation instructions
Time back through elimination of bespoke tool development and significantly improved access reviews
About
Data security in the cloud became a priority as this data intelligence company was experiencing near 20% year-on-year growth, onboarding customers into a flexible environment including on-premises, hybrid, and multi-cloud, including AWS, Azure and Google Cloud. The company also relied heavily on Kubernetes clusters that needed security and compliance coverage, as it was losing visibility of the relationship between customer-generated data and the associated data security risk.
Problem
As the company ingested more customer data, the cloud estate grew and became increasingly difficult to monitor from a security perspective. A commercial decision that added dozens of partners to the company’s cloud ecosystem compounded the challenge further.
The company had been using a combination of cloud provider native security tools and open-source offerings, but these were becoming increasingly resource intensive to maintain and manage.
In terms of personnel, the company was onboarding (and offboarding) employees and guest/customer/partner users and services more frequently, creating further overheads in terms of access management and reviews, which were becoming more laborious to perform.
Furthermore, stakeholders now included a mix of cybersecurity savvy practitioners and less technical executives who needed a business-focused understanding of the security and compliance posture.
Solutions
Cyscale’s integrations with multiple clouds including AWS, Azure, Google Cloud, and Kubernetes meant a single view into the entire cloud estate, with no need to jump between different provider dashboards.
Automated misconfiguration and vulnerability checks, along with contextual real-time alerts made it easier to manage the security posture of the environment and respond to critical issues early. The company was able to map its controls to various CIS Benchmarks as well as the ISO27001 and SOC2 Type 2 frameworks and stay on top of compliance drift. Automated data security policy management made it easy to pull evidence into the generated reports.
Security practitioners were able to export detailed PDF reports of the security reviews, complete with remediation instructions, to give the company’s CISO and other senior but less technical executives an understanding of the cloud security and compliance posture.
Finally, CIEM and IAM capabilities made access reviews and ex-employee-offboarding an almost completely automated process.
Results
The company was able to achieve a single dashboard security view across its entire multi-cloud estate and group infrastructure into useful buckets based on customer footprint and technology using Scopes.
The reduced need for bespoke solutions lowered costs and returned development and maintenance time to the engineering department. Cyscale also came in cheaper than Lacework, which was also up for consideration.
The company was able to improve confidence around data security and compliance with both its customers and its expanding ecosystem of technical partners.
Overall security posture improved due to automated misconfiguration and vulnerability scanning, and the company was not slowed down working with customers and partners in multiple cloud environments. Identity and access reviews also become much easier and less time consuming as the company was able to largely automate the process.
Easy-to-understand cloud data security and compliance reports, with controls mapped to chosen benchmarks, were a significant contributor to the company being able to build a ‘culture of cybersecurity’ and get buy-in from stakeholders before actioning significant changes.
Conclusion
Data is the most valuable asset a company possesses and in the case of organizations in the data intelligence business, where customer data is at stake, cloud security is critical.
In these instances, organizations tend to create data stores faster than cybersecurity teams can secure them, resulting in significant cloud data security and compliance risks.
Fortunately, Cyscale is well-versed in data security in the cloud and data security posture management (DSPM) and is even the maintainer of the OWASP Data Security Top 10, seen as the essential guide about the major security risks for storing and moving sensitive and PII data, the challenges involved, and how to overcome them.
Using Cyscale, the company was able to get a single interface into its entire cloud estate, along with a comprehensive data inventory and easily digestible reports on security and compliance posture.
In terms of day-to-day work, Cyscale helped reduce pressure on the security team by automating a lot of the menial tasks associated with access reviews, and misconfiguration identification and remediation.
The solution also worked out cheaper than both alternative vendor-provided solutions and ongoing development and maintenance of the in-house solution the company had been reliant on previously.
Ready to find out how Cyscale can protect your data in the cloud? Watch this video
DISCOVER THE NEXT CASE STUDY
Smart Fintech uses Cyscale to gain IAM visibility and ensure cloud security and complianceReady to get started?
Improve your cloud security posture today
Sign up for a custom demo to see how we close security gaps
and help you leverage the cloud with confidence.
RECOMMENDED ARTICLES
News and Insights about CNAPP
The Complete Guide
to Cloud Storage Misconfigurations
This guide helps CIOs, CISOs and security staff to understand the risk & dangers of data security breaches and the importance of a secure cloud storage infrastructure.