Rapid7 Enables an Expanding and Cohesive Multi-Cloud Security and Compliance Strategy

Challenge

Qlik, like many other enterprises, is expanding their cloud footprint and knew they would benefit from a cohesive, enterprise-level cloud security strategy. Because many parts of the organization, including the Research and Development (R&D) and Security teams, were already using cloud, they understood that they needed to implement holistic guidance to ensure that the company's cloud resources and data therein were adequately protected.

Solution

Qlik selected the Rapid7 InsightCloudSec platform. 

Knowing that they needed to maintain consistent control of their cloud environments, Qlik brought onboard a Cloud Architect to expand their Cloud team. Their initial goal was to ensure security of their existing cloud environments, which consisted mostly of AWS accounts. As Qlik continues its growth as a software and services (SaaS) technology provider, which has driven expanded use of cloud providers like Azure and Google Cloud Platform, the Cloud team has also been looking to rapidly expand its cloud security best practices into these new environments.

As one of many companies in today's highly competitive analytics and business intelligence industry, Qlik's goal was to enable their employees across the relevant business units to do as much as they could through self-service access to the cloud, as safely as possible. Specifically, they wanted their R&D team to innovate and their Sales team to sell, all while remaining secure, minimizing risk, and maximizing efficiency.

Onboarding and Integration

The InsightCloudSec team immediately started working with the Qlik Cloud team, and with guidance from the InsightCloudSec Customer Success team, integrated their AWS, GCP, and Azure accounts. Qlik found almost immediate value in their new investment. Over a period of less than 3 days, the Cloud team gained deeper, more actionable insights into their cloud environments.

The R&D team was the first business unit at Qlik to investigate InsightCloudSec as a potential cloud security solution. They soon after introduced InsightCloudSec to the Security and Cloud teams for consideration. After the InsightCloudSec Sales team offered a detailed demonstration of the platform's key capabilities and features, including unified visibility and monitoring, automation and real-time remediation, and its extensibility, the Qlik teams were confident that InsightCloudSec would be able to provide the secure guardrails they were seeking. For Qlik, this was a critical step toward fulfilling their ultimate goal of empowering employees to embrace the self-service nature of the cloud so they can innovate without creating security risk.

Empowering Others

The Qlik Sales team worked with the Qlik Cloud team to set up scenarios of typical working environments for demonstrations in the cloud. Prior to using InsightCloudSec, some of the more complex sales demo scenarios would take 2 or 3 days to build securely. After deploying InsightCloudSec, Qlik is now able to deploy scenarios in approximately 15 minutes, while ensuring RDP and SSH access is done by the corporate VPN and that HTTPS access is behind a web application firewall (WAF) which allows them to track the traffic and make sure nothing is malicious. Thanks to this huge leap in efficiency, the Cloud team has peace of mind that each and every sales demonstration is configured securely. The Qlik Cloud team, working with Rapid7, is now able to deliver an incredible experience to their Sales team, who can deliver an incredible experience to their customers.

Cost Savings

InsightCloudSec quickly proved itself to be a worthwhile investment in many other ways. By assigning appropriate startup and shutdown time tags to their virtual machines (VMs), Qlik was able to use InsightCloudSec Bots to automatically start and stop their VMs outside business hours. In the beginning, they applied startup and shutdown times to a single Azure subscription. In one month, the Cloud team saw an immediate reduction in costs of about $10-15K. Subsequently, the team has applied startup and shutdown times to all subscriptions, accounts, and projects across Azure, AWS, and GCP, and they have seen a 60% reduction in their cloud costs.

Orchestrating Agile Operation at Scale

In addition to providing significant cost savings and empowering Qlik employees to innovate and sell, the Qlik Cloud team soon realized that InsightCloudSec was much more than a cloud security tool. Most significantly, it integrated into and enhanced their standard business processes. For example, when an employee violates a specific policy, an InsightCloudSec Bot sends notifications to the appropriate people via email and Microsoft Teams, informing them of the violation.

For now, the Cloud team is pleased with the results that the automated notifications drive from Qlik employees. The Qlik Cloud team has found that Bot notifications result in a much higher rate of employee-initiated remediation to fix the issues at hand.

Better Decision-Making With Better Telemetry

The Qlik team was also impressed by the way in which InsightCloudSec provided contextual information about their cloud environment. For example, there is a fundamental difference in the risk level of a publicly accessible AWS S3 storage bucket and an Azure storage blob that looks like it's publicly accessible. The latter requires an access key, and the former does not. InsightCloudSec Insights helps Qlik differentiate the risk level of the two cloud storage tools. The ability to differentiate between what is actually publicly accessible and what isn't changed the conversations that the Cloud team was having with the Security team.

Conclusion

Qlik's Sales team is now able to offer demos efficiently and securely. They're saving $10-15K a month with the ability to start and shut down VMs outside of business hours, and InsightCloudSec is enabling them to drive human-centered processes around notification, ticketing, messaging, and also reaching into the cloud environment and reconfiguring a cloud service to make it more secure and compliant.

 With InsightCloudSec, the Qlik Cloud team can rest easy knowing the cloud environments they manage are secure, and their employees are embracing the self-service nature of the cloud and can innovate without risk.