For any organization that deals with payment transactions online, Payment Card Industry Data Security Standard (PCI DSS) compliance is mandatory. PCI DSS standards apply to all entities that store, process, or transmit cardholder data and are intended to thwart the theft of cardholder information that could happen anywhere in the card-processing ecosystem.
With cloud, security has shifted to the configuration--and misconfiguration—of cloud resources. Developers are moving fast, making their own infrastructure decisions, and changing them constantly. The self-service freedom of cloud is a boon for innovation velocity, but mistakes can create infrastructure vulnerabilities that modern cloud threats seek to exploit.
Today, Fugue added out-of-the-box support for Payment Card Industry Data Security Standards (PCI) to give enterprises full PCI compliance visibility and reporting across their entire cloud footprint. PCI joins HIPAA, NIST 800-53, GDPR, and AWS CIS Benchmark as part of Fugue’s turnkey solution for ensuring cloud infrastructure environments adhere to compliance standards.
A lot of folks have realized that manually fixing cloud infrastructure to correct security and compliance issues is just too slow and error prone to handle the threat landscape on the cloud. An increasingly common approach to speeding up remediation these days is to use cloud functions, such as AWS Lambda or Azure Functions, connected to a threat detection tool, to remediate specific cloud misconfigurations.
Infrastructure misconfiguration is the leading cause of data breaches in the cloud, and a big reason misconfiguration happens is infrastructure configuration “drift,” or change that occurs in a cloud environment post-provisioning. If you’re responsible for the security and compliance of cloud environments, you probably spend a lot of time focused on analyzing infrastructure drift events and remediating them. It’s easy to think of all drift as being bad or undesirable. And make no mistake, some of it is really bad. Ugly even! But some drift is good and desired, and understanding the differences between the good, the bad, and the ugly--and how to recognize them--can save you and your team a lot of frustration and wasted time.
Security and compliance are priorities for companies in the cloud. However, cloud security and compliance is not the responsibility of any single entity alone and determining the demarcation line can lead to confusion. Security and compliance in the cloud is a shared responsibility between the cloud service providers (CSP) and their customers.
Whenever there's talk of the cloud, misconfiguration and the security risk it brings inevitably becomes a part of the conversation. And of course, once you start talking about cloud misconfiguration, “auto-remediation” often creeps into the conversation. But what does “auto-remediation” really mean? The concept of “auto-remediation” is that the solution finds problems or policy violations in your cloud infrastructure and automatically fixes them.
With AWS re:Invent 2018 now behind us, we wanted to share some of our reactions to the event and many of the announcements. It was an exciting time for Fugue, as we announced the availability of our new SaaS solution, an easy-to-use solution for finding compliance violations in your AWS environments, detecting infrastructure drift, and automatically remediating it when it occurs.
Yesterday, we showed you how you can use Fugue to scan your AWS infrastructure, discover what resources you have running, and identify any policy violations for compliance frameworks like HIPAA, GDPR, NIST 800-53, and the AWS CIS Benchmarks.
We’re thrilled to announce that Fugue is now offering a Software-as-a-Service solution for enforcing continuous cloud infrastructure compliance, is now available (start your free trial here). We’re at AWS re:Invent 2018 all week, so stop by booth 2305 to learn more.