Our customer did a Cloud migration to GCP about 5 years ago, with a standard lift & shift approach.  Many practices and standards used were reasonably successful. As they looked to modernize their application development practice and leverage Kubernetes running containers, they were running into significant technical and security challenges as a consequence of architectural decisions made many years earlier.

The solution

A number of observations, including critical ones, were identified for immediate remediation. Solutions included:

– Leverage GCP Shared VPC to address Next Generation Firewall practices

– Optimize Google StackDriver to provide better visibility of activity in the environment

– Enable Security Command Center Premium to provide stronger Security Threat Intelligence & monitoring of activities

– Provide Org. Policy recommendation to stop users from enabling non-compliant configurations

– Provide Secret Key Management proposal to help address the lack of standardized key management solution

A detailed report and summary was presented to their leadership.  Findings were prioritized and solutions approaches were identified.  Dito helped enable Security Command Center Premium and immediately resolved the lack of StackDriver logging and monitoring standards within the environment as these were easy wins. 

Dito looked at the whole customer ecosystem, understood how it got to the current point and provided tailored recommendations.  Furthermore, Dito went beyond Partner Advantage’s workshop recommendations and analyzed the customer VM application DevOps practices.