www.fugue.co | hello@fugue.co | @FugueHQ

CASE STUDY

GlobalGiving uses Fugue to help protect PCI-regulated workloads in AWS CloudGlobalGiving is the largest global crowdfunding community that connects nonprofits, donors, and companies. It has raised more than $320 million for thousands of projects around the world.

GlobalGiving has migrated their PCI-regulated workloads to AWS to increase agility and innovation while maintaining continuous compliance.

CHALLENGES

• Quickly move data center infrastructure supporting corporate customer and partner applications to AWS

• Continuously ensure PCI compliance throughout the cloud infrastructure lifecycle

• Increase IT productivity without adding new staff

FUGUE SOLUTION

• Leverages infrastructure as code and policy as code to quickly create new cloud environments with accompanying security and access policies

• Implements automated remediation to continually enforce PCI controls such as network segmentation and encrypted storage and network traffic

• Provides simple, easy-to-read configuration files that increase developer productivity and reduce the possibility for misconfiguration errors

KEY STATS

PROBLEM:

How does a global crowdfunding community rapidly migrate PCI-regulated applications to the cloud while preserving partner trust?

OUTCOMES:

1. Rapid migration to cloud environments

2. Demonstrated PCI compliance leading to greater partner trust

3. Higher IT productivity

FROM THE CLIENT:

“Monitoring and alerts on cloud deployments aren’t good enough for us. We can’t afford to have misconfigurations or unauthorized changes happen in the first place.

We’ve optimized the way we think about and use AWS for mission critical systems with Fugue.”

Justin RuppSenior Systems ArchitectGlobalGiving

032718 Fugue Case Study: GlobalGiving

Business OutcomesINFRASTRUCTURE AS CODE AND POLICY AS CODE ENABLE RAPID MIGRATION TO CLOUD ENVIRONMENTS

GlobalGiving has completed moving nearly all of its data center infrastructure to the cloud. Fugue’s infrastructure as code and policy as code features have enabled GlobalGiving to swiftly provision new production environments with accompanying security and access policies.

AUTOMATED REMEDIATION OF PCI CONTROLS BUILDS PARTNER TRUST

GlobalGiving uses automated remediation to continually enforce PCI controls such as network segmentation, encryption of data at rest and in

motion, and least privilege access control. The organization has successfully completed numerous audits to meet stringent partner PCI requirements regarding financial data.

SIMPLE CONFIGURATION FILES AND AUTOMATION YIELD HIGHER IT PRODUCTIVITY

Fugue’s configuration files for infrastructure and policy are simple yet highly expressive. GlobalGiving’s IT staff can quickly create and reuse files to define even complex infrastructure environments. The staff also use Fugue’s automation features to quickly create new environments for experimentation and prototyping, which enables rapid innovation.

About Fugue Fugue helps you get cloud infrastructure right. It automates the creation of your workloads, provides visibility into what’s running, and delivers continuous governance to make sure your cloud is operating just as you declared. If it drifts, Fugue fixes it immediately. Enterprises stay compliant and ship smart innovation faster with Fugue.

The company has eight patents granted and 16 pending. Privately held and headquartered in Maryland, Fugue’s investors include New Enterprise Associates, Future Fund, Maryland Venture Fund, and Core Capital Partners. Gartner named Fugue a Cool Vendor in Cloud Computing 2017.

SOLUTION ELEMENTS

OPERATE

Provisioned infrastructure is automatically protected against drift

and unapproved changes

DECL ARE

Specify and validate infrastructure as code and policy as code with Fugue’s

Composer before provisioning

DEPLOY

Policies are separately validated during build and deployment ensuring no

non-compliant resources can be created

Fugue Drives the Infrastructure Governance Lifecycle