Q&A with OpsCompass: Move to the Cloud Quick – Do It Securely

By Community Team

Cloud adoption was already well underway prior to COVID-19, but the pandemic accelerated adoption faster than anyone could have ever anticipated. With OpsCompass, teams can prepare for this new world and set themselves, and their organizations, up for success in the future. Fix problems that exist and get a process in place to address problems before it’s too late.

Organizations of all sizes were forced to confront an abrupt shift to remote work for the majority of their staff. As the repercussions of COVID-19 continue to play out in the months ahead, there’s one thing in the tech space that will ring true: there will be no going back from this shift to the cloud.  While this mass migration has been taxing on all businesses, it has also brought many benefits to the forefront.

With these benefits also come major security risks. As described in the shared responsibility model, organizations today must have complete control over their cloud data, applications, and infrastructure to securely run their business. They also need to do all of this with more users and identities interacting with their cloud platforms and less tolerance for risk. Cyber-attacks and data thefts have significantly increased and the need for securing digital and cloud assets has become crucial.

OpsCompass serves as a single pane of glass for seeing your cloud vulnerabilities and security posture in real time. Now your multi-tool, multi-team organization has visibility into everything and a consistent way to manage your security posture in the cloud.

Q: Can you please share with us a brief overview of your company? When was OpsCompass established and what are your goals?

A: OpsCompass was founded in 2016 by Manny Quevedo and John Grange, two former tech executives, with the idea that cloud security and visibility can be simplified with a tool that gives DevOps and Architects full visibility into their cloud environments.

OpsCompass is a SaaS solution that provides the right information at the right time with actionable insight into what to do next. Across compliance, security, and cost management, we provide the ability to fold cloud operations into your existing processes with your existing team.

As your cloud footprint grows and more users are interacting with the environment, it’s important to monitor and track the exact configuration state of your applications, resources, and overall cloud platform; OpsCompass’ goal is to simplify this process.

Q: What industries do you serve?

A: OpsCompass empowers clients to adopt and master cloud operations management via products and services. We have clients across industries, but have seen specific needs in Healthcare, Banking and Insurance, and Retail.

From remote deposits to roadside claims, banks and insurance companies depend on healthy and secure cloud environments to meet their customers in a digital world. With a healthy cloud environment, banks and insurance companies have the flexibility and resiliency to quickly take advantage of opportunities created by an evolving digital world.

Digitizing health records was a turning point for the explosive growth of technology use in the healthcare industry. Since then, the possibilities and use cases of healthcare technology continue to grow – the cloud enables these solutions by providing the ability to scale on demand, the horsepower for deep learning, and cost-effective resources.

The retail industry is rapidly evolving, with organizations redesigning stores, reinventing supply chains, and aggressively building out digital channels. While these new digital experiences enable customers to shop nearly anywhere and choose from a myriad of fulfillment options, they also result in an overwhelming amount of data to collect, understand, and act on. OpsCompass provides the insight retail enterprises need to establish and maintain a compliant, secure, and cost-effective cloud environment.

Q: What exactly does OpsCompass do and how does it work? What makes it important for modern enterprises?

A: The OpsCompass Cloud Security Posture Management tool provides deep visibility, intelligence, and control, enhancing cloud operations, security, and policy compliance in the cloud. Built specifically for DevOps, Cloud Operations, and SRE (Site Reliability Engineer) Teams, OpsCompass provides a complete view to establish and maintain a healthy and secure cloud environment.

Today, many modern enterprises feel confident that their cloud security situation is under control, but when pressed, they often lack a centralized way to understand exactly what they have. Usually this means they don’t know where the organization stands in terms of best practices and compliance, they have no idea whether simple misconfigurations or other errors are leaving them vulnerable to attack, and there are generally no agreed-upon performance metrics.

What’s worse is that by not having a proactive security posture, organizations are hindering their ability to grow and expand their services in the cloud. That is where OpsCompass, Cloud Security Posture Management, or CSPM, comes in. OpsCompass provides a single pane of glass for seeing your cloud vulnerabilities and security posture in real time offering next steps to become more secure.

Q: What are some of the most pressing security threats today? And how is OpsCompass addressing these?

A: In the past, cloud security programs have focused on intentional risks such as malicious insiders or web-based attacks. But in the cloud, unintentional risks such as misconfigurations and human error are the root cause for some of the most notable cloud breaches. Whether you have a single cloud or multi-cloud environment, OpsCompass looks for intentional and unintentional risks and creates a unified view into your overall environment.

OpsCompass provides deep visibility across the hyper-scale clouds; all assets and insight into their configuration history with user attribution. Visibility, or lack thereof, is the cloud’s major vulnerability and a CSPM is the best way to supercharge your cloud security program.

Having robust CSPM monitoring and reporting on your cloud posture is not only necessary for today, but will become even more critical in the future, as cloud services and platforms continue to grow and expand.

Q: According to a report published by Sophos, almost three-quarters of organizations hosting data or workloads in the public cloud experienced a breach in 2019, with IBM estimating that the average data breach costs $3.92 million. Based on this report, it only means that more organizations are likely to have a cloud-security breach. As experts in cloud security, what is your advice to organizations looking to take the next step in cloud security?

A: Unfortunately, many teams don’t think about security until it’s too late. Whether they don’t have the budget, think they don’t yet have the scale, or it’s just not top of mind, procrastinating on cloud security can expose an organization to breaches, non-compliance, and other high-risk issues. On the flip side, organizations might have initially taken too heavy of an approach and implemented such strict controls that it prevents them from fully utilizing cloud resources in the future.

Thinking about cloud security should happen early, which includes implementing not just the right technology, but also the right processes and people. And it’s never too early to start, because security needs to be woven into development from the beginning. The goal is not just to establish a process, but to make sure it’s agile enough to scale for the ever-changing cloud environment.

Q: As the Industry’s #1 choice for cloud security solutions, what practices and measures should enterprises take into consideration to prevent and reduce the risk of cyber-attacks?

A: The two biggest challenges for teams wanting to stay on top of their cloud security are understanding what cloud security needs to address, and how to implement a team strategy for addressing them.

Teams need to have visibility into all corners of their cloud environment, be able to track all deployments of assets in the cloud, all configurations of those resources, all changes to those assets, and whether they’re compliant — all in real-time. This is an impossible task to do manually, which is why CSPM tools exist. They give organizations a continuous bird’s-eye view of their multi-cloud environments, so they can monitor risk and remediate swiftly. This is much different than on-premise tracking.

A good cloud security posture involves both team members and leadership working together to create a plan of action that includes everyone playing a role in cloud security — and not just the security team. This also means shifting security “to the left” to the DevOps team, and ensuring that security begins with development, and not after deployment.

Because good cloud management relies not just on the technology, but on the team and the processes, there are skills teams are going to need to know to ensure they stay on the edge of cloud security: 

  • APIs and CLI Tools 
  • Cloud Identity 
  • Container Security
  • CSPM Processes

Q: Tell us more about OpsCompass. What are its key features and capabilities? How does it compare to other cloud security platforms available in the market?

A: OpsCompass is focused on the cloud. Our mission is to aid companies seeking to effectively manage their resources in public cloud environments. Today, organizations must have complete control over their cloud data, applications, and infrastructure to securely run their business.  They also need to do all of this with more users and identities interacting with their cloud platforms and less tolerance for risk. Cyber-attacks and data thefts have significantly increased and the need for securing digital and cloud assets has become crucial.

OpsCompass can be implemented in minutes regardless of your DevOps maturity or tools used by your organization. OpsCompass serves as a single pane of glass for seeing your cloud vulnerabilities and security posture in real time, giving your multi-tool, multi-team organization the visibility into everything and a consistent way to manage your security posture in the cloud.

Additionally, OpsCompass is committed to continually enhancing its inventory views, compliance analysis reports, and configuration drift management among other capabilities to deliver an outstanding customer experience, along with profound cloud protection.

Q: Can you provide us with sample use cases for OpsCompass?

A: As organizations were forced to quickly shift to remote work, security became an afterthought in most organizations. Clients then turned to OpsCompass to quickly help identify users without MFA or Self Service Passwords. OpsCompass serves as a single pane of glass across all the normal day-to-day clouds (Azure and 365, AWS, GCP) by keeping an up-to-date inventory, offering insight into security best practices via enforced CIS/NIST baseline, and notifying when resources are drifting from the known state.

It’s hard enough to find the needle in the haystack and it is even harder when you don’t know you should be looking for the needle. And, if or when you find it accidentally it is probably because it caused some harm. OpsCompass not only tells you when you should look for the needle but finds it for you, and then asks if it should be in the haystack or if you want to take action and put it where it belongs.

Example: A user in a Microsoft 365 environment was assigned a new Conditional Access Administrator directory role. OpsCompass created a notification that the current user had additional privileges assigned from their previously known RBAC.

Example: A Terraform deployment (sp-webinar-tf) updated the minimumTlsVersion, removed allowBlobPublicAccess, and turned supportsHttpsTrafficOnly back on. OpsCompass identified how this change was made (Terraform), when it was made (2/18/21), what it previously was (highlighted in red), and provides the ability to dig deeper into who made the change prior (Next button) to better understand why the pipeline had drifted and if more conversations need to be had.

About OpsCompass
OpsCompass, a leader in Cloud Security Posture Management (CSPM), offers an enterprise SaaS product that provides deep visibility, intelligence, and control — enhancing cloud operations, security, and policy compliance. OpsCompass CSPM supports all leading cloud platforms including Microsoft Azure, Amazon Web Services (AWS), and Google Cloud Platform (GCP). Purpose-built for the cloud, OpsCompass replaces legacy controls that were not designed for contemporary, API-driven, cloud infrastructure.
