GlobalGiving uses Fugue to help protect PCI-regulated ... · | [email protected] | @FugueHQ CASE STUDY...
Transcript of GlobalGiving uses Fugue to help protect PCI-regulated ... · | [email protected] | @FugueHQ CASE STUDY...
www.fugue.co | [email protected] | @FugueHQ
CASE STUDY
GlobalGiving uses Fugue to help protect PCI-regulated workloads in AWS CloudGlobalGiving is the largest global crowdfunding community that connects nonprofits, donors, and companies. It has raised more than $320 million for thousands of projects around the world.
GlobalGiving has migrated their PCI-regulated workloads to AWS to increase agility and innovation while maintaining continuous compliance.
CHALLENGES
• Quickly move data center infrastructure supporting corporate customer and partner applications to AWS
• Continuously ensure PCI compliance throughout the cloud infrastructure lifecycle
• Increase IT productivity without adding new staff
FUGUE SOLUTION
• Leverages infrastructure as code and policy as code to quickly create new cloud environments with accompanying security and access policies
• Implements automated remediation to continually enforce PCI controls such as network segmentation and encrypted storage and network traffic
• Provides simple, easy-to-read configuration files that increase developer productivity and reduce the possibility for misconfiguration errors
KEY STATS
PROBLEM:
How does a global crowdfunding community rapidly migrate PCI-regulated applications to the cloud while preserving partner trust?
OUTCOMES:
1. Rapid migration to cloud environments
2. Demonstrated PCI compliance leading to greater partner trust
3. Higher IT productivity
FROM THE CLIENT:
“Monitoring and alerts on cloud deployments aren’t good enough for us. We can’t afford to have misconfigurations or unauthorized changes happen in the first place.
We’ve optimized the way we think about and use AWS for mission critical systems with Fugue.”
Justin RuppSenior Systems ArchitectGlobalGiving
032718 Fugue Case Study: GlobalGiving
Business OutcomesINFRASTRUCTURE AS CODE AND POLICY AS CODE ENABLE RAPID MIGRATION TO CLOUD ENVIRONMENTS
GlobalGiving has completed moving nearly all of its data center infrastructure to the cloud. Fugue’s infrastructure as code and policy as code features have enabled GlobalGiving to swiftly provision new production environments with accompanying security and access policies.
AUTOMATED REMEDIATION OF PCI CONTROLS BUILDS PARTNER TRUST
GlobalGiving uses automated remediation to continually enforce PCI controls such as network segmentation, encryption of data at rest and in
motion, and least privilege access control. The organization has successfully completed numerous audits to meet stringent partner PCI requirements regarding financial data.
SIMPLE CONFIGURATION FILES AND AUTOMATION YIELD HIGHER IT PRODUCTIVITY
Fugue’s configuration files for infrastructure and policy are simple yet highly expressive. GlobalGiving’s IT staff can quickly create and reuse files to define even complex infrastructure environments. The staff also use Fugue’s automation features to quickly create new environments for experimentation and prototyping, which enables rapid innovation.
About Fugue Fugue helps you get cloud infrastructure right. It automates the creation of your workloads, provides visibility into what’s running, and delivers continuous governance to make sure your cloud is operating just as you declared. If it drifts, Fugue fixes it immediately. Enterprises stay compliant and ship smart innovation faster with Fugue.
The company has eight patents granted and 16 pending. Privately held and headquartered in Maryland, Fugue’s investors include New Enterprise Associates, Future Fund, Maryland Venture Fund, and Core Capital Partners. Gartner named Fugue a Cool Vendor in Cloud Computing 2017.
SOLUTION ELEMENTS
OPERATE
Provisioned infrastructure is automatically protected against drift
and unapproved changes
DECL ARE
Specify and validate infrastructure as code and policy as code with Fugue’s
Composer before provisioning
DEPLOY
Policies are separately validated during build and deployment ensuring no
non-compliant resources can be created
Fugue Drives the Infrastructure Governance Lifecycle