Rapid7支持扩展和内聚的多云安全和合规策略

Challenge

Qlik, like many other enterprises, is expanding their cloud footprint and knew they would benefit from a cohesive, enterprise-level cloud security strategy. 因为公司的许多部门，包括研发部(R&D) and Security teams, were already using cloud, 他们明白，他们需要实施整体指导，以确保公司的云资源和其中的数据得到充分保护.

Solution

Qlik selected the Rapid7 InsightCloudSec platform. 

知道他们需要保持对云环境的一致控制, Qlik brought onboard a Cloud Architect to expand their Cloud team. Their initial goal was to ensure security of their existing cloud environments, which consisted mostly of AWS accounts. 随着Qlik作为软件和服务(SaaS)技术提供商的不断发展, 是什么推动了Azure和谷歌云平台等云提供商的广泛使用, 云团队也一直在寻求将其云安全最佳实践快速扩展到这些新环境中.

作为当今竞争激烈的分析和商业智能行业的众多公司之一, Qlik的目标是使其相关业务部门的员工能够通过自助访问云来完成尽可能多的工作, as safely as possible. Specifically, they wanted their R&D team to innovate and their Sales team to sell, all while remaining secure, minimizing risk, and maximizing efficiency.

Onboarding and Integration

The InsightCloudSec team immediately started working with the Qlik Cloud team, and with guidance from the InsightCloudSec Customer Success team, integrated their AWS, GCP, and Azure accounts. Qlik found almost immediate value in their new investment. Over a period of less than 3 days, the Cloud team gained deeper, more actionable insights into their cloud environments.

The R&D团队是Qlik第一个将InsightCloudSec作为潜在云安全解决方案进行调查的业务部门. 不久之后，他们向安全和云团队介绍了InsightCloudSec以供考虑. InsightCloudSec销售团队详细展示了该平台的关键功能和特性, including unified visibility and monitoring, automation and real-time remediation, and its extensibility, Qlik团队相信，InsightCloudSec能够提供他们正在寻找的安全护栏. For Qlik, 这是实现他们最终目标的关键一步，即让员工能够接受云的自助服务特性，这样他们就可以在不产生安全风险的情况下进行创新.

Empowering Others

Qlik销售团队与Qlik云团队合作，为云中的演示设置典型工作环境的场景. Prior to using InsightCloudSec, 一些更复杂的销售演示场景需要2到3天才能安全构建. After deploying InsightCloudSec, Qlik is now able to deploy scenarios in approximately 15 minutes, 同时确保RDP和SSH访问是由企业VPN完成的，HTTPS访问是在web应用程序防火墙(WAF)后面，这允许他们跟踪流量并确保没有恶意. Thanks to this huge leap in efficiency, 云计算团队可以放心，每个销售演示都是安全配置的. The Qlik Cloud team, working with Rapid7, is now able to deliver an incredible experience to their Sales team, who can deliver an incredible experience to their customers.

Cost Savings

InsightCloudSec很快证明了自己在许多其他方面都是值得投资的. 通过为虚拟机(vm)分配适当的启动和关闭时间标签, Qlik能够使用InsightCloudSec Bots在工作时间之外自动启动和停止他们的虚拟机. 一开始，他们将启动和关闭时间应用于单个Azure订阅. 在一个月内，Cloud团队立即减少了大约10- 1.5万美元的成本. Subsequently, the team has applied startup and shutdown times to all subscriptions, accounts, and projects across Azure, AWS, and GCP, and they have seen a 60% reduction in their cloud costs.

Orchestrating Agile Operation at Scale

除了提供显著的成本节约和授权Qlik员工创新和销售, Qlik Cloud团队很快意识到InsightCloudSec不仅仅是一个云安全工具. 最重要的是，它集成并增强了他们的标准业务流程. For example, when an employee violates a specific policy, InsightCloudSec Bot通过电子邮件和微软团队向相关人员发送通知, informing them of the violation.

For now, 云计算团队对Qlik员工的自动通知带来的结果感到满意. Qlik Cloud团队发现，Bot通知导致员工主动修复手头问题的比例要高得多.

Better Decision-Making With Better Telemetry

Qlik团队还对InsightCloudSec提供有关其云环境的上下文信息的方式印象深刻. For example, 可公开访问的AWS S3存储桶和看起来可以公开访问的Azure存储团的风险级别存在根本差异. The latter requires an access key, and the former does not. InsightCloudSec Insights帮助Qlik区分两种云存储工具的风险级别. 区分哪些是可公开访问的，哪些是不可公开访问的，这种能力改变了云团队与安全团队之间的对话.

Conclusion

Qlik's Sales team is now able to offer demos efficiently and securely. 他们每个月可以节省1 - 1.5万美元，因为他们可以在工作时间之外启动和关闭虚拟机, 而InsightCloudSec使他们能够围绕通知驱动以人为中心的流程, ticketing, messaging, 同时也深入到云环境中，重新配置云服务，使其更加安全和兼容.

 With InsightCloudSec, Qlik Cloud团队可以放心，因为他们管理的云环境是安全的, 他们的员工正在拥抱云的自助服务特性，可以无风险地进行创新.