Apiture Integrates Data Security into SecOps with Open Raven
When Apiture migrated to the cloud for improved service delivery speed and quality, CISO Sean Darragh needed to maintain his ability to protect data from attacks and compliance risks. For Apiture, security is not simply a requirement; it is a core business value. Like many, Sean understands that the pace of the cloud will continue to accelerate. The answer was not to make more hires but to find a more efficient approach. He knew that the familiar list of legacy, non-native, governance and DLP tools would not give him the leading-edge efficiency he was after. Sean’s goal was to find a cloud-native, data-centric, and automated approach to three challenges: Discovering assets and classifying data; Applying data guardrails with policies that follow the data; Driving proactive security with data analysis.
"I don’t want another single-note tool. I need an automated platform that tells me where sensitive data is and when the controls must be hardened."
We asked Sean his biggest challenges and here are the issues he described:
Discovering assets and classifying data
Sean describes visibility as a fundamental requirement for good security posture. Visibility feeds every part of SecOps from planning to detection, response, and reporting. However, his previous toolset required significant time and manual steps involving multiple roles—DBAs, architects, and service owners, among others. It was clear that such efforts would continue to increase with both the advancement of cloud technology and the growth of the business.
Automating these tasks with Open Raven proved to be invaluable in scaling the effectiveness of Sean's team. The Open Raven Data Security Platform simplified how Sean's team answers fundamental data questions with automated discovery, mapping, and classification across their AWS Organization. Sean’s team found the setup simple, fast, and familiar. Upon connecting, the Map and Asset List began populating with discovered resources and attributes, including asset type, region, account, encryption status, MFA settings, backup status, VPC peering relationships, and security group access. Immediately, Sean and his team were able to quickly confirm assumptions about their environment that would have previously required significant work.
Sean describes his day one impressions of the Open Raven Data Security Platform, “The ease of setup is a huge burden of work lifted from my team and, based on my experience with other tools, is unique and unexpected. And then I get a map of my cloud? Impressive. I was immediately able to see every region in which we have resources, with granular details available in a click. This is exactly what I needed. Automation is critically important in adapting to the speed, variety of changes, and threats in the cloud.”
Applying data guardrails with policies that follow the data
Sean needed to future-proof his tooling and processes to support the speed of the business. To get there, he needed to streamline risk detection and response without adding bottlenecks such as hard checkpoints.
The Open Raven Data Security Platform enabled Sean’s team to apply policies to specific data types, regardless of location, rather than particular services or storage pools, and automate risk detection of rogue assets and misplaced data. Sean said, “With Open Raven, we can easily translate business rules into enforceable policies that follow the data rather than being enforced where we think all of our sensitive data resides. We don’t need to slow anyone down because we have automated guardrails that tell us when mistakes have been made and need attention.”
For Sean, risk is always top of mind. Open Raven provides relief through its immediate visibility and automated data risk detection. Such automation allows his SecOps Team to focus their time on preventing issues and hardening defenses rather than repetitive, manual tasks. “My job as a CISO is to identify and communicate risk. For that, I need hard data points, not assumptions. Before Open Raven, identifying the locations and types of sensitive and financial data required significant time and entirely too much JSON. Now, every morning, I come into the office, log in to Open Raven Maps, and know that we’re on top of all the changes occurring across our infrastructure. With Open Raven, I have automated visibility and control and can better scale my resources. I can’t get this anywhere else, not as quickly nor as affordably.”
Driving proactive security with data analysis
The complexities surrounding cloud visibility require significant efforts by Sean’s team. To define and drive proactive security, Sean needed more efficient data discovery, classification, and analysis. Having precise and current supporting information is critical to gaining approval and garnering organizational support for initiatives. Sean and his team spend valuable time discovering assets, evaluating risks, and analyzing viable next steps versus time hardening defenses.
The built-in Splunk-based Analytics Module allows his team to incorporate data findings from Open Raven in SPL queries, reports, and dashboards. Combining infrastructure and data context is valuable beyond Security. Apiture’s Finance and Legal Teams often coordinate across departments to gain point-in-time snapshots into cloud costs and risks. Now, his team has unfettered access to discover and investigate infrastructure much like data scientists, extracting valuable insights for use in continued proactive security.
"We can more quickly and easily show what we have going on and why we need to take specific actions. It doesn’t matter what you know or say if your audience can’t understand it. The built-in data visualizations help me own the security conversation.”
Sean needed a more efficient method to stay on top of sensitive data assets, tried Open Raven, and found a force-multiplier in improving detection and response for at-risk data. The decision to use Open Raven as his cloud data security platform continues to be justified. Repetitive but critical discovery and classification tasks have been automated, streamlining many parts of SecOps. Working with the Open Raven Services Team, Sean customized dashboards to show trends about sensitive data across his environment. “I already considered the platform to be a force multiplier because of asset discovery, mapping, data classification, and guardrails; but, the Analytics Module truly set it apart. Open Raven nailed it when they identified the shift to data-centric security for the cloud. I’m excited to have such confidence in our posture as new threats and regulations come to surface.”