This customer had engaged another Google partner to build a Cloud Foundation for their expansion into GCP. While the basic GCP environment was set up, it lacked the integrations needed to “go live”. Missing elements included: no ServiceNow integration, no Cloud Custodian integration for policy enforcement and remediation, no Tenable.io integration for security scanning, no VM image creation pipeline, no Secrets Manager, no QRadar SIEM integration, and no Active Directory integration. The customer refused to put real workloads within GCP until these unified multi-cloud practices were in place.
A number of gaps were identified and prioritized based on urgency. Each of these was tackled to enable GCP within their multi-cloud system, including:
– Integration with ServiceNow CMDB/Cloud Custodian
Cloud Identity/Cloud IAM:
– Integrated Cloud Identity with Azure AD
– Defined best practices for Cloud IAM groups/roles
– Enabled audit logs for Super Admins
– Standardized 3rd party WAF & Next Gen Firewall design for GCP
– Architected alternative Cloud Armor/CDN/Load Balancer solution
Cloud Operations Suite (Stackdriver)
Security Command Center (Premium):
– Enabled & Validated SCC for Event Threat Detection/Cloud Security Scanner
Cloud Audit Logs
The customer was able to begin enabling application workloads within GCP following their standardized approach. Most engagements involve configuring and setting up Google solutions; this project required deep knowledge of both GCP best practices and 3rd party security/operational tools.