Enterprise Cloud Security at Scale: Announcing Fugue Organization Management

Today, Fugue announced powerful new capabilities to help enterprise organizations and managed service providers centrally manage the security of large, complex cloud environments that involve multiple business units—each with its own unique use cases and policy requirements. 

Our customers have been using Fugue to address cloud security across cloud providers and at every stage of the development lifecycle—from infrastructure as code through the runtime—using the same set of policies end-to-end. As a result, they’re investing 50% fewer engineering resources in cloud security, delivering secure cloud infrastructure 3X faster, and speeding up compliance processes by 60%.

Every enterprise operating at scale in the cloud faces the same complex challenge: Centralizing security visibility and policy control over a vast cloud footprint while maintaining the flexibility that individual business units need to operate competitively and address the unique security and compliance requirements. 

Fugue Organization Management is a new set of capabilities that enable enterprises and managed service providers to combine centralized visibility and global policies across business units and customers while preserving localized flexibility and control. However the enterprise is organized. 

Fugue Organization Management

Cloud Security Visibility Over the Enterprise

Fugue gives security operations teams visibility into the state and security posture of their cloud environment across business units. 

• View consolidated organization-level reports to gain insight into the compliance and security of all cloud environments across cloud providers.
• Access individual cloud environments as needed to investigate vulnerabilities and modify policy settings to meet required security standards for each use case.
• Operationalize cloud security across the organization with business unit or customer reporting for IT chargebacks.

Consistent Enforcement of Cloud Security Controls

Fugue ensures policy-driven cloud security controls are consistently interpreted, implemented, and enforced across the entire organization. 

• Leverage hundreds of pre-built rules mapped to more than a dozen compliance families and develop custom rules that can address complex multi-resource vulnerabilities.
• Define organization-wide compliance “families” consisting of pre-built and custom rules and send them to cloud engineering teams for implementation.
• Apply organization-wide compliance families to any or all cloud operations to validate the security of their infrastructure as code and runtime environments.

Flexibility for Business Units and Customers

Individual business units or customers have specific needs and requirements. Fugue enables the logical organization and customization of environments to give individual teams the flexibility they need to operate fast and efficiently. 

• Enable role-based access controls (RBAC) for each environment to manage permissions and cloud account access for users, groups, and API clients.
• Configure security and compliance settings at the organization or environment level so compliance families can be applied to all environments across the board, or customize which specific rules apply to each environment.
• Set up notifications to alert the security team when Fugue identifies policy violations or potential vulnerabilities in any environment.

How Fugue Organization Management Works

Whether you’re currently using Fugue to manage the security of your cloud environment or you’re new to Fugue, it’s easy to set up Fugue Organization Management. 

1. Create a Root Tenant to centrally govern the security across your cloud environments. Define global configuration security baselines and policy requirements and manage access to individual cloud environments. 
2. Add Child Tenants for individual business units to manage local security and policy requirements and maintain visibility for their cloud environments.
3. Add Cloud Environments for each cloud runtime (AWS, Azure, Google Cloud) and code repository to each tenant.  
4. Apply Global Controls for security and compliance requirements across cloud environments and get global visibility into your entire cloud footprint and security posture—and empower individual business units with local visibility and control.  

Fugue secures AWS, Microsoft Azure, and Google Cloud environments and pre-deployment infrastructure as code security checks for Terraform, AWS CloudFormation, Kubernetes manifests, and Dockerfiles. Fugue provides turnkey coverage for SOC 2, NIST 800-53, GDPR, PCI, HIPAA, ISO 27001, CSA CCM, CIS Controls, CIS Docker, the AWS Well-Architected Framework, and CIS Foundations Benchmarks. Fugue’s Unified Policy Engine leverages Open Policy Agent (OPA), the open standard for policy as code, and a Cloud Native Computing Foundation (CNCF) graduated project.

Fugue’s Organization Management features are generally available now. Learn more at www.fugue.co/organization-management.