CASE STUDY

Data security in a
multi-cloud environment

This US-based data intelligence platform was experiencing strong growth, resulting in significantly more customer data being stored in the cloud. As the company approached the 400-employee mark and began to feel more pressure on its cybersecurity team, the time came to sunset in-house tools developed on open-source offerings and deploy a solution that would make it easier to maintain a strong security posture over a sprawling multi-cloud estate.

Cover

Challenges

Over-reliance on in-house developed tools that needed maintenance and investment

Mix of technical and not-so-technical stakeholders involved in chain of command

Growing multi-cloud environment (AWS, Azure and Google Cloud), including Kubernetes infrastructure

Increasingly complex data inventory

Rapidly expanding team resulting in tedious and time-consuming cloud access reviews

Increasing workload for cybersecurity team – more data to secure, more assets to manage, more tasks to perform

Additional compliance overheads as the business required more robust accreditations including ISO 27001 and SOC2 Type 2

Results

Single-pane-of-glass view across the multi-cloud estate, no tool-hopping for different clouds

Visibility of all data stores across all environments and status (e.g. is it encrypted or publicly accessible?)

Intuitive visualization of how data flows, how it is used, and who (users, applications or machines) has access to it

Ability to group infrastructure by different clouds, different customers

Automated misconfiguration detection, enhanced confidence through real-time security monitoring

Compliance posture monitoring against CIS Benchmarks, including Kubernetes

Exportable reports to be shared with other stakeholders, including remediation instructions

Time back through elimination of bespoke tool development and significantly improved access reviews

About

Data security in the cloud became a priority as this data intelligence company was experiencing near 20% year-on-year growth, onboarding customers into a flexible environment including on-premises, hybrid, and multi-cloud, including AWS, Azure and Google Cloud. The company also relied heavily on Kubernetes clusters that needed security and compliance coverage, as it was losing visibility of the relationship between customer-generated data and the associated data security risk.

Problem

As the company ingested more customer data, the cloud estate grew and became increasingly difficult to monitor from a security perspective. A commercial decision that added dozens of partners to the company’s cloud ecosystem compounded the challenge further.

The company had been using a combination of cloud provider native security tools and open-source offerings, but these were becoming increasingly resource intensive to maintain and manage.

In terms of personnel, the company was onboarding (and offboarding) employees and guest/customer/partner users and services more frequently, creating further overheads in terms of access management and reviews, which were becoming more laborious to perform.

Furthermore, stakeholders now included a mix of cybersecurity savvy practitioners and less technical executives who needed a business-focused understanding of the security and compliance posture.

Solutions

Cyscale’s integrations with multiple clouds including AWS, Azure, Google Cloud, and Kubernetes meant a single view into the entire cloud estate, with no need to jump between different provider dashboards.

Automated misconfiguration and vulnerability checks, along with contextual real-time alerts made it easier to manage the security posture of the environment and respond to critical issues early. The company was able to map its controls to various CIS Benchmarks as well as the ISO27001 and SOC2 Type 2 frameworks and stay on top of compliance drift. Automated data security policy management made it easy to pull evidence into the generated reports.

Security practitioners were able to export detailed PDF reports of the security reviews, complete with remediation instructions, to give the company’s CISO and other senior but less technical executives an understanding of the cloud security and compliance posture.

Finally, CIEM and IAM capabilities made access reviews and ex-employee-offboarding an almost completely automated process.

Results

The company was able to achieve a single dashboard security view across its entire multi-cloud estate and group infrastructure into useful buckets based on customer footprint and technology using Scopes.

The reduced need for bespoke solutions lowered costs and returned development and maintenance time to the engineering department. Cyscale also came in cheaper than Lacework, which was also up for consideration.

The company was able to improve confidence around data security and compliance with both its customers and its expanding ecosystem of technical partners.

Overall security posture improved due to automated misconfiguration and vulnerability scanning, and the company was not slowed down working with customers and partners in multiple cloud environments. Identity and access reviews also become much easier and less time consuming as the company was able to largely automate the process.

Easy-to-understand cloud data security and compliance reports, with controls mapped to chosen benchmarks, were a significant contributor to the company being able to build a ‘culture of cybersecurity’ and get buy-in from stakeholders before actioning significant changes.

Conclusion

Data is the most valuable asset a company possesses and in the case of organizations in the data intelligence business, where customer data is at stake, cloud security is critical.

In these instances, organizations tend to create data stores faster than cybersecurity teams can secure them, resulting in significant cloud data security and compliance risks.

Fortunately, Cyscale is well-versed in data security in the cloud and data security posture management (DSPM) and is even the maintainer of the OWASP Data Security Top 10, seen as the essential guide about the major security risks for storing and moving sensitive and PII data, the challenges involved, and how to overcome them.

Using Cyscale, the company was able to get a single interface into its entire cloud estate, along with a comprehensive data inventory and easily digestible reports on security and compliance posture.

In terms of day-to-day work, Cyscale helped reduce pressure on the security team by automating a lot of the menial tasks associated with access reviews, and misconfiguration identification and remediation.

The solution also worked out cheaper than both alternative vendor-provided solutions and ongoing development and maintenance of the in-house solution the company had been reliant on previously.

Ready to find out how Cyscale can protect your data in the cloud? Watch this video

Improve your cloud security posture today

Sign up for a custom demo to see how we close security gaps
and help you leverage the cloud with confidence.

GET A DEMO
Cyscale Logo
Cyscale is an agentless cloud-native application protection platform (CNAPP) that automates the contextual analysis of cloud misconfigurations, vulnerabilities, access, and data, to provide an accurate and actionable assessment of risk.

Stay connected

Receive new blog posts and product updates from Cyscale

By clicking Subscribe, I agree to Cyscale’s Privacy Policy


© 2024 Cyscale Limited

crunch base icon
angel icon