Rapid7 Enables an Expanding and Cohesive Multi-Cloud Security and Compliance Strategy

Challenge

Qlik, 像许多其他企业一样, 正在扩大他们的云足迹，并知道他们将受益于凝聚力, 企业级云安全策略. Because many parts of the organization, including the Research and Development (R&D)和安全团队, 我们已经在使用云了, they understood that they needed to implement holistic guidance to ensure that the company's cloud resources and data therein were adequately protected.

Solution

Qlik选择了Rapid7 InsightCloudSec平台. 

Knowing that they needed to maintain consistent control of their cloud environments, Qlik聘请了一位云架构师来扩展他们的云团队. 他们最初的目标是确保现有云环境的安全性, 主要由AWS账户组成. As Qlik continues its growth as a software and services (SaaS) technology provider, which has driven expanded use of cloud providers like Azure and Google Cloud Platform, the Cloud team has also been looking to rapidly expand its cloud security best practices into these new environments.

As one of many companies in today's highly competitive analytics and business intelligence industry, Qlik's goal was to enable their employees across the relevant business units to do as much as they could through self-service access to the cloud, 尽可能安全. 具体来说，他们想要的是R&D团队负责创新，销售团队负责销售, 同时保持安全, minimizing risk, 最大化效率.

入职和集成

InsightCloudSec团队立即开始与Qlik Cloud团队合作, 并在InsightCloudSec客户成功团队的指导下, 整合他们的AWS, GCP, and Azure accounts. Qlik发现他们的新投资几乎立竿见影. 在少于3天的时间内, 云团队变得更加深入, 对云环境有更多可操作的见解.

The R&D team was the first business unit at Qlik to investigate InsightCloudSec as a potential cloud security solution. They soon after introduced InsightCloudSec to the Security and Cloud teams for consideration. After the InsightCloudSec Sales team offered a detailed demonstration of the platform's key capabilities and features, 包括统一的可视性和监控, 自动化和实时修复, 以及它的可扩展性, the Qlik teams were confident that InsightCloudSec would be able to provide the secure guardrails they were seeking. For Qlik, this was a critical step toward fulfilling their ultimate goal of empowering employees to embrace the self-service nature of the cloud so they can innovate without creating security risk.

Empowering Others

The Qlik Sales team worked with the Qlik Cloud team to set up scenarios of typical working environments for demonstrations in the cloud. 在使用InsightCloudSec之前, some of the more complex sales demo scenarios would take 2 or 3 days to build securely. 部署InsightCloudSec后, Qlik现在能够在大约15分钟内部署场景, while ensuring RDP and SSH access is done by the corporate VPN and that HTTPS access is behind a web application firewall (WAF) which allows them to track the traffic and make sure nothing is malicious. 多亏了效率上的巨大飞跃, the Cloud team has peace of mind that each and every sales demonstration is configured securely. Qlik Cloud团队, 使用Rapid7, 现在能够为他们的销售团队提供令人难以置信的体验吗, 谁能给他们的客户带来令人难以置信的体验.

Cost Savings

InsightCloudSec quickly proved itself to be a worthwhile investment in many other ways. By assigning appropriate startup and shutdown time tags to their virtual machines (VMs), Qlik was able to use InsightCloudSec Bots to automatically start and stop their VMs outside business hours. In the beginning, they applied startup and shutdown times to a single Azure subscription. In one month, the Cloud team saw an immediate reduction in costs of about $10-15K. Subsequently, 该团队对所有订阅应用了启动和关闭时间, accounts, 和跨Azure的项目, AWS, and GCP, 他们的云计算成本降低了60%.

大规模协调敏捷运维

In addition to providing significant cost savings and empowering Qlik employees to innovate and sell, the Qlik Cloud team soon realized that InsightCloudSec was much more than a cloud security tool. Most significantly, it integrated into and enhanced their standard business processes. For example, 当员工违反了特定的政策, an InsightCloudSec Bot sends notifications to the appropriate people via email and Microsoft Teams, 通知他们违规行为.

For now, the Cloud team is pleased with the results that the automated notifications drive from Qlik employees. Qlik Cloud团队 has found that Bot notifications result in a much higher rate of employee-initiated remediation to fix the issues at hand.

通过更好的遥测技术做出更好的决策

The Qlik team was also impressed by the way in which InsightCloudSec provided contextual information about their cloud environment. For example, there is a fundamental difference in the risk level of a publicly accessible AWS S3 storage bucket and an Azure storage blob that looks like it's publicly accessible. 后者需要访问密钥，而前者则不需要. InsightCloudSec Insights helps Qlik differentiate the risk level of the two cloud storage tools. The ability to differentiate between what is actually publicly accessible and what isn't changed the conversations that the Cloud team was having with the Security team.

Conclusion

Qlik的销售团队现在能够高效安全地提供演示. They're saving $10-15K a month with the ability to start and shut down VMs outside of business hours, and InsightCloudSec is enabling them to drive human-centered processes around notification, ticketing, messaging, and also reaching into the cloud environment and reconfiguring a cloud service to make it more secure and compliant.

 与InsightCloudSec, the Qlik Cloud team can rest easy knowing the cloud environments they manage are secure, and their employees are embracing the self-service nature of the cloud and can innovate without risk.