Traditionally, enterprises have deployed a variety of IT controls – such as strong access controls, vulnerability assessment, file integrity monitoring, log monitoring, etc. – in order to comply with regulations like PCI DSS, HIPAA, SOC2, and SOX.
Within traditional data centers, this approach works fine. But when organizations move to Infrastructure-as-a-Service (IaaS) or hybrid environments, the patchwork of security controls can’t keep up. Fundamentally, they are not designed to keep up with ever-changing IT delivery processes.
Specifically, problems can include:
- Traditional controls do not operate continuously, which means they can completely miss workloads that spin up and down rapidly in the cloud
- Coordinating scanning window permissions with cloud service providers is a labor-intensive task for IT security personnel
- To get high-quality detections, network scanners require that credential-based authenticated scanning be performed on endpoints. But managing credentials is a laborious effort when systems are constantly changing.
- Traditional host-based security products and log management products are slow to deploy, causing security to be a bottleneck
The CloudPassage® Halo® automated security and compliance platform solves all of these challenges. Halo provides businesses the easiest, most automated way to ensure and verify continuous server compliance management across environments.
Working across any cloud or hybrid infrastructure (public cloud, private cloud, hybrid, multicloud, or virtualized data center including bare metal), Halo provides continuous visibility and enforcement as a service.
Halo consolidates your traditional compliance controls into a single platform
Where traditional security tools are segmented and bolted-on, Halo provides the following controls within a single platform that integrates with your existing orchestration tools in order to provide seamless, continuous compliance:
- File Integrity Monitoring (FIM)
- Software Vulnerability Assessment (SVA)
- Software Configuration Management (SCM)
- Server Account Management (SAM)
- Log-based Intrusion Detection (LIDS)
HIPAA (Health Insurance Portability and Accountability Act) is legislation that requires data privacy and security provisions for organizations to safeguard any medical information. Halo allows for HIPAA compliance through automated policy implementation. Citrix, for example, chose Halo and was HIPAA-ready within 10 days of deployment.
The Service Organization Control (SOC) reporting framework for SOC 2, Type 2, is designed for technology and cloud computing organizations, and CloudPassage has been audited against it. The SOC 2 report – which concentrates on a business’s non-financial reporting controls as they relate to security, availability, processing integrity, confidentiality, and privacy of a system – is available to customers to meet a wide range of US and international auditing requirements.
The Payment Card Industry Data Security Standard (PCI DSS) is a proprietary information security standard for organizations that handle branded credit cards. As overseen by the PCI Standards Council (SSC), CloudPassage places stringent controls around cardholder data as both a service provider and merchant.