New Light Technologies (NLT) is an IT and GIS services company that helps organizations such as the World Bank and US Census Bureau modernize their infrastructure on the cloud. As a growing consulting services company, NLT needed a scalable means to prevent cloud misconfiguration and ensure continuous compliance for customers on Amazon Web Services and Microsoft Azure infrastructure. NLT customer cloud environments range from a few hundred cloud resources to thousands of cloud resources. Fugue partners with NLT to deliver its security and compliance solution, including Fugue's SaaS product and open source tools.


Challenges

  • Assess customers’ AWS and Azure cloud environments for security misconfiguration and CIS AWS/Azure Foundations Benchmarks and NIST 800-53 compliance violations
  • Detect configuration drift and fully automate enforcement of baseline cloud resource configurations
  • Enable pre-deployment security and compliance checks on infrastructure as code

Fugue Solution

  • Evaluate cloud resources for CIS and NIST 800-53 compliance violations against hundreds of predefined controls
  • Protect critical resources by notifying users of any configuration drift from a previously established configuration state
  • Visualize cloud environment in dynamic diagrams and zoom into details on configurations and resource relationships

Implementation

NLT was able to seamlessly add customer AWS and Azure accounts to Fugue’s SaaS product in a matter of days. Fugue’s customer success team continues to work with NLT on custom rules for specific enterprise policies, and on integrating Fugue’s open source Regula tool for checking Terraform infrastructure-as-code for AWS resources with NLT’s Automated Infrastructure Compliance Framework.


Business Outcomes

With Fugue, NLT cloud architect Dave Williams is able to quickly understand what is in a customer’s cloud environment and identify CIS and NIST 800-53 compliance violations, and configuration drift.

NLT can easily scan a customer’s cloud environment and within five minutes they can see what is not in compliance, why is it not in compliance, and generate a detailed visual representation of their cloud infrastructure. For environments that have drifted from known-good configurations, Fugue’s automated remediation corrects the drift back to an established baseline without the need for interaction with IT staff to prioritize drift for correction. This reduces delays and minimizes risks for the client. Fugue delivers self-healing infrastructure, without the need for engineers to write custom scripts, alarms, or notifications when there is configuration drift.

Visualize Your Cloud Environment

NLT at any one time is providing consulting services to a number of clients using Amazon Web Services and Microsoft Azure. With Fugue’s visualizer feature, NLT can generate diagrams of their customers’ cloud resources, zoom in on details on configurations, and quickly locate misconfigurations and compliance violations. 

DOWNLOAD CASE STUDY