Digital Transformation is taking over, we all know this and enterprises are adopting this at a higher than consumable rate. What once took many times months to provision in our legacy infrastructure now can be spun up via a CLI command in seconds. Years ago the Center for Internet Security (CIS) posted a series of best practices for the main cloud service providers (CSP). This has been a guiding document for many security groups as they see their legacy products that once secured their data center become diminished with the move to the cloud. Additionally, this document was created with the broadest coverage in mind so it doesn’t provide consistency across all of the CSPs.
As customers move into the cloud and start to apply CIS, it can be extremely daunting. There are a lot of findings with little way to understand what is best and how to quickly remediate. On the inverse, large, multi-cloud enterprises are looking to apply a singular policy across all major CSPs. Having a flexible platform to enable this is key to an enterprises success.
These guidelines from CIS are a great start to securing your new or preexisting cloud services. The challenge we see is many customers moving internal applications to the cloud. In addition new software is being developed daily that can be layered onto Amazon, Microsoft, and Google.
Recently I met with a large transportation company that was looking to move their entire application stack from their monolithic data center to AWS. Their move was being pushed from the top down to get out of the data center business and adopt the cloud to enable business to work faster. We all know this as the common term Digital Transformation. With this lift and shift they had to completely rethink their security stack. That lead to finding answers to the following questi