Safeguarding CRM Assets with Enhanced Multi-Cloud Security and Incident Response.
July 2023 - Current
Business Need
Adisols, a leading cloud-based product development company specializing in CRM solutions, is committed to implementing a robust cloud security posture to safeguard their CRM products and assets. As they enhance their CRM offerings and develop new CRM assets and inventory applications, Adisols acknowledges the critical importance of cloud security. Their focus is on establishing a proactive security posture to proactively address potential threats. Recently, they observed a rise in challenges related to the lack of tight security controls, underscoring the necessity for incident support. This surge necessitates a thorough investigation and the development of a strong incident response plan to ensure the overall security and resilience of their CRM ecosystem.
Key Challenges Identified During Assessment:
Lack of expertise to implement security controls on public cloud AWS and Azure..
Limited security and incident monitoring capability.
Lack of security/vulnerability visibility in the cloud environment & remediation solution.
Unauthenticated scan and other authentication scan issues leading to multiple hidden vulnerabilities.
Manual creation and sharing of vulnerability scan reports to stakeholders.
No vulnerability prioritization based on asset criticality.
No solution implemented for container security.
Solution Implemented:
We implemented a multi-cloud security model across AWS and Azure, reducing vulnerabilities by 30%, and integrated image scanning and runtime protection in Kubernetes for secure development. Centralized incident detection was managed via Azure Security Center and Sentinel, consolidating logs from AWS and Azure for threat monitoring. Prisma Cloud CSPM improved AWS security posture, while data was secured using AWS KMS and Azure Key Vault, and network traffic was controlled through AWS Security Groups, Azure NSGs, and Kubernetes policies.
- Multi-Cloud Security Model for CRM Workloads – Achieved a 30% reduction in security vulnerabilities through the implementation of a robust multi-cloud security model for CRM workloads in AWS and Azure.
- Vulnerability Management and Kubernetes Security Integration – Led vulnerability management across AWS and Azure environments, integrating image scanning, admission control, and runtime protection in Kubernetes to block vulnerabilities during development and deployment.
- Centralized Incident Detection and Response Across AWS and Azureb- Managed incident detection and response through centralized logging with Azure Security Centre and Azure Sentinel, integrating logs from AWS CloudTrail, Azure Monitor, and Kubernetes clusters to monitor security alerts and anomalous activities.
- Consistent Policy Enforcement for Application Security and Compliance – Strengthened application security by enforcing consistent policies with Azure Policy, AWS Config, and Kubernetes Admission Controllers, ensuring compliance and preventing misconfigurations across cloud resources.
- Prisma Cloud CSPM for AWS Security Posture Management – Deployed and managed Prisma Cloud Security Posture Management (CSPM) to monitor and improve the security posture of AWS resources, ensuring compliance and addressing misconfigurations.
- End-to-End Data Encryption with AWS KMS and Azure Key Vault – Secured data with end-to-end encryption using AWS KMS and Azure Key Vault, ensuring data security at rest and in transit for CRM workloads.
- Enhanced Network Security with AWS Security Groups, Azure NSGs, and Kubernetes Policies – Enhanced network security using AWS Security Groups, Azure NSGs, and Kubernetes network policies to control inbound and outbound traffic and secure pod-to-pod communication.