here - CloudPassage

SOLUTION BRIEF
Compliance for Cloud Environments Simplified
Assessing and reducing risk is important for the lifecycle of cloud workloads. This
requires a manageable solution that supports diverse cloud environments. Halo
automates security controls for compliance without compromising cloud efficiency.
Halo Benefits
•Simplify compliance with automated
security controls that manage risk
throughout the lifecycle of the cloud
workload
•Reduce the friction of managing
multiple security products with a
comprehensive, purpose-built cloud
solution.
•Easier audits with an audit trail of
server workload state including
changes and access enables a higher
confidence of compliance and proof
Halo offers cloud compliance
support for:
•PCI DSS
•HIPAA
•SOC 2
•ISO 27001
•COBIT 5
Shared Responsibilities for Compliance
Every cloud provider has a demarcation where they will provide robust security and
certification of compliance, and where they relinquish responsibility to the business
that is purchasing the cloud infrastructure service. There may be some graduated
risk responsibilities that differ between service providers, but it remains the sole
responsibility of the business to manage risk with the proper security controls for the
server instance or workload.
For enterprises, sharing risk responsibilities is a new challenge and performing due
diligence to ensure third-party compliance a new requirement. Security companies
have responded with security controls that are not cloud friendly. Their focus is on
integrating the security applications into the master server image but then this proves
to be difficult to manage in dynamic cloud environments. This has led to a breakdown
in cloud security compliance.
Governance
Integrating into governance, risk and compliance solutions is important as cloud
innovations continue to propel businesses, which means cloud environments need
to be accessed like all other enterprise IT systems. The cost of compliance
escalates when security controls become cumbersome in the cloud with less than
optimal results. The use of cloud environments is a concern to business because
of the speed of change that they facilitate. Having a compliance solution that is
purpose-built for the cloud helps to manage the risk and reward balance.
Risk-Based Compliance
As part of the risk management framework, NIST* identifies four major areas of
concern for companies when addressing compliance in cloud environments:
Implementing Policy—Is there a guarantee that every server instance will automatically have security protections, especially when they are proliferating quickly?
Assessment—Can vulnerability information be captured without having to assign
credentials to obtain the necessary details?
Authorization—Will objects that are dynamically created inherit the proper security
policy based on risk classification, including firewall and access controls?
Monitoring—Can details of the state of workload and its compliance status be
accessible even if the workload is only in production for a few hours before being
disposed of in the cloud environment?
Protect your workloads today!
cloudpassage.com
Go directly to cloudpassage.com/amazon and try Halo free for 15 days or
call 415.886.3020
I m pl
ng
em
ri
en
t
Continuous monitoring
and logging of all
security policies and
changes.
Halo
M on
Manny Landron, Senior Manager of Security
and Compliance at Citrix ShareFile
Security managers should consider how the speed and scale of change in dynamic
cloud elements can break compliance and slow down business. Achieving sustainable
compliance is about identifying what security controls and policies are necessary
while understanding the challenges of cloud environments:
it o
“With CloudPassage we
can show what we do
for security and show how
we prove it.”
®
Asses
en
t
i
sm
t
A utho
i
za
Multifactor
authorization for
network and secure
service access.
on
for Compliance
Easily integrates
with cloud
orchestration tools
for rapid deployment.
Checks for security
policies updates
every 60 seconds.
Vulnerability and
configuration
assessments and
alerts to changes
in policy.
Automating Compliance Support with Halo
Halo provides a number of critical security controls that support the efforts of
compliance for business. Whether used for managing internal compliance or a means
to achieve PCI DSS, HIPAA, or SOC 2 compliance, Halo has been purpose-built to
address these needs across public, private, hybrid and traditional datacenters. Halo
is an easily deployed SaaS solution that understands the lifecycle of cloud workloads,
making minimal impact to server performance and resources. Key features include:
•Delivering dynamic host firewall automation to manage the communication and
access, both inbound and outbound, minimizing security risks
•Obtaining host intrusion detection through file and registry integrity monitoring,
validating changes are trusted and approved
About CloudPassage
CloudPassage is the leading Software
Defined Security (SDSec) company
addressing the number one inhibitor to
cloud infrastructure adoption—security.
The patented CloudPassage Halo is
the industry’s only security and compliance
SaaS solution purpose-built to handle
the dynamic nature of software defined
environments, public, private, hybrid
cloud and traditional data centers. Halo
operates seamlessly across these enviroments providing a range of automated
security and compliance controls needed
to enable innovation.
•Providing server and application configuration monitoring, vulnerability and patch
scanning to keep workloads hardened in accordance with security best practices
•Alerting to security events and challenges to security policy with integration to
SIEM and Log solutions
•Integration with GRC solutions through an API to customize governance and risk
management
Halo allows businesses to address risk-based compliance from end-to-end and
through multi-cloud environments.
CloudPassage® and Halo® are registered trademarks of CloudPassage, Inc. SB_COM_042014
*http://csrc.nist.gov/publications/nistpubs/80037-rev1/sp800-37-rev1-final.pdf
Protect your workloads today!
cloudpassage.com
Go directly to cloudpassage.com/amazon and try Halo free for 15 days or
call 415.886.3020