Developing a roadmap for comprehensive remediation of Google Cloud Platform (GCP) security posture.
As a national distributor of foods grew its operation and expanded its use of various cloud providers, the company realized that its security policies and processes were implemented inconsistently across organizations and providers. To address this growing concern, the company engaged Triverus as a strategic technology partner to assist in developing a roadmap for comprehensive remediation of its Google Cloud Platform (GCP) security posture.
Within this company’s organization, Google Cloud Platform (GCP) applications were managed by a single group operating with complete autonomy. As a result, the application management process was a black box to other teams across the organization. IT teams, including security operations, lacked sufficient experience and training on GCP. Common security operational processes such as logging, monitoring, and vulnerability scanning were happening in an inconsistent manner. The security team suspected that there were issues and risks on the platform but was unsure how best to move forward.
The Triverus team conducted an analysis of the company’s GCP application architecture and operational processes and identified over 120 security remediation recommendations. These recommendations were categorized as either short-term / tactical, or longer-term / strategic. Triverus then helped the organization prioritize and begin implementing the tactical remediation items using the organization’s preferred Agile Kanban methodology.
For the longer-term remediation items, the Triverus team documented a roadmap to build a next-generation cloud architecture incorporating best practices and ensuring that workloads deployed to this architecture will be remediated. Triverus broke the work down into agile stories and collaborated with the organization to prioritize and estimate each story.
Using these approaches, Triverus helped the food distributor’s IT organization align and focus on the single goal of addressing their most pressing security concerns while positioning for the longer term.
Triverus leveraged our Cloud Security Assessment Framework, a robust, comprehensive assessment tool designed to provide a repeatable structure to guide the assessment. This framework combines standards from the National Institute of Standards and Technology Cybersecurity Framework (NIST) and Homeland Security Cloud Security Guidance. We also leveraged GCP best practices such as the GCP Customer Responsibility Matrix and the Center for Information Security Google Cloud Platform Foundation Benchmark.
The Triverus team reviewed the distributor’s entire GCP platform using the Cloud Security Assessment Framework as a guide to ensure a comprehensive review, making recommendations along the way. Triverus established a Risk Index that clearly spelled out the organization’s vulnerability areas, from highest to lowest, and allowed the organization’s leadership to understand relative risks and prioritize resources accordingly. It also created a heat map to better visualize and communicate the risks. The recommendations were documented and communicated to the appropriate IT teams, who took ownership of the remediation efforts. Triverus supported the distributor’s teams in the remediation of short-term items while tracking all activities across teams to provide management visibility. Triverus helped the organization plan for the longer-term remediation effort, providing insight into the relative size and priority of each item.