Cantaloupe enables real-time visibility and remediation

Cantaloupe, a leader in technology solutions for the self-service economy, adopts Stacklet to enable real-time visibility and automated remediation for proactively reducing risk across a growing cloud estate.


Gaining the Advantage of Automated Risk Remediation Across Cantaloupe’s Multi-Cloud Environment

Industry: Self-Service Commerce
Customers: 20,000+
Headquarters: Malvern, Pennsylvania, United States
Cloud Platforms:


Challenge

• As the company experienced a growth in demand for self-service and contactless payments, it recognized the need for a comprehensive, proactive approach to reducing risk in the cloud.
• The security team looked for a solution to efficiently secure a growing cloud estate.
• Existing tools in the market lacked near-time remediation, were too complex to use, and introduced friction for developers.

Impact

• Cantaloupe rapidly gained real-time visibility into misconfiguration across multiple cloud platforms.
• Cantaloupe established real-time, automated remediation, notifications, and workflows to respond to potential risks.
• Cantaloupe reduced operational overheads of managing risks and meeting reporting compliance for regulatory bodies and industry standards such as SOC-2 and CIS.



Employing a Growing Cloud Estate to Adapt to Business Growth in Cashless Payments

Cantaloupe delivers solutions that empower businesses to accept and profit from self-service payments. The company was founded more than 30 years ago, with a focus on enabling customers in the vending market to accept all forms of digital payments. Since that time, the company has continued to evolve and innovate, serving an expanding range of industries and geographies. Today, the company offers a complete platform that delivers capabilities for cashless acceptance, consumer engagement, and business optimization.

With the onset of the global pandemic, the move to contactless payments accelerated dramatically, which served to intensify the demand for Cantaloupe’s solutions. Further, even as employees returned to corporate workplaces, the demand for self-checkout point-of-sale kiosks continued to expand.

To support their solutions and growing customer base, the team at Cantaloupe needs to operate millions of IoT devices, and to support billions of payment transactions. To accommodate this scale while maximizing agility, the team relies on cloud services, leveraging a mix of offerings from AWS and Microsoft Azure.

A Multitude of Configuration Options and Limited Skillset Increase Risk

“Scale is amazing at times and daunting at times. We are now able to drive new capabilities at scale and innovate rapidly with the power of the cloud. Cloud has significantly decreased our time to market and instant access to expanded capability on demand. However, with cloud also comes different implications of security and risk exposures,” revealed Gaurav Singal, Chief Technology Officer, Cantaloupe, Inc.

Over time, the number of cloud providers and specific cloud services in use continued to grow. These services all offer a wide range of configuration options and operations tools. For their security team, it was challenging to optimally employ and secure all these different services and tools across their expanding cloud footprint, and meet the business's increased demand for agility. Further, it was increasingly problematic to invest all the time and effort needed to ensure all these resources were configured appropriately. Even a single exposed resource can have catastrophic implications in terms of brand damage, operations, and financial penalties. Given this, securing their ever-expanding cloud infrastructure became increasingly critical for their business.

“To continue to scale our operations, while strengthening our security posture, we sought to find tools that would enable our security staff to establish automated deployments according to optimized configurations, and to gain capabilities for real-time remediation if non-compliant resources were identified,” revealed Paul Hamman, Chief Information Security Officer, Cantaloupe, Inc. “Further, we wanted to ensure these security mechanisms didn’t create any friction for our developers.”

During the team’s initial searches, the tools evaluated were too complex to use, and they didn’t enable real-time remediation.



Cantaloupe Adopted Governance as Code With Stacklet to Enable Real-time Remediation

Stacklet offered the ability to establish automated processes, including for notification and remediation, which were vital in enabling the team to scale their operations across an increasing variety of cloud providers and services.

“The promise of the Governance as Code model and Cloud Custodian resonated with us and brought us to Stacklet. The other tools we evaluated lacked real-time remediation capabilities and were difficult to use. The Stacklet platform enabled us to get up and running quickly and now helps us detect and take action against non-compliant, risk-prone resources in real-time.”
Paul Hamman, Chief Information Security Officer, Cantaloupe, Inc.

“As we expanded cloud usage to support our growing business, we needed to be able to enforce organizational policies, without burdening our teams.”
Paul Hamman, Chief Information Security Officer, Cantaloupe, Inc.

The solution makes it easy for the security team to make policy changes to accommodate evolving compliance or customer requirements, without hindering developer velocity. Based on the open-source Cloud Custodian solution, Stacklet helped simplify deployment and ongoing management. The solution offers an intuitive management console and automated discovery and deployment. As a result, Stacklet helped streamline and accelerate their move to adopt the Governance as Code model.



“The Stacklet platform helps us detect and remediate potential misconfigurations that might cause a breach, and to do so in near real time. The solution helps us standardize policy enforcement and remediation workflows, which has enabled us to fix issues faster and foster the behavior change that helps prevent those issues from occurring in the first place.”
Paul Hamman, Chief Information Security Officer, Cantaloupe, Inc.

Establish Real-Time Visibility and Reduced Risk

With Stacklet, Cantaloupe can establish real-time visibility into configurations, helping the team strengthen its security posture. With Stacklet, the team can quickly identify misconfigured access controls and non-compliant assets, such as publicly exposed resources. Stacklet can automatically remediate non-compliant resources or route notifications to the appropriate teams. Further, it enables the security team to customize those notifications. For example, if a developer violated a security policy, they can be notified of that violation via Slack. These notifications can even provide pointers on how to avoid these violations in the future.

“With these intuitive, automated capabilities, Stacklet enabled us to get started in minutes. In fact, during the proof-of-concept process, we logged into the Stacklet console and within five minutes, we identified several misconfigurations that needed our security team’s attention.”
Paul Hamman, Chief Information Security Officer, Cantaloupe, Inc.



Reduce Operational Overhead and Boost Compliance

Now, Cantaloupe’s security team can easily manage and deploy policies across multiple cloud platforms and resources. The solution enables the team to establish automated discovery of resources. In addition, deployment of pre-packaged policies can be automated as well.

“Stacklet has given our team the ability to secure an ever-growing number of resources and platforms,” Hamman revealed. “We are able to respond to potential risks and changing compliance requirements much faster.”

Hamman continued, “The Stacklet platform provides out-of-the-box policies and dashboards for different regulatory mandates and benchmarks, such as SOC 2 and CIS. This allows us to meet our compliance requirements more rapidly. Further, Stacklet enables us to adjust policies quickly and efficiently any time regulations or customer requirements change—without modifying any application code.”

©2020–2022 Stacklet, Inc. All rights reserved. All trademarks, trade names, service marks, and logos referenced herein belong to their respective companies. SCS-11182022

