CyberSec Company Reduces Lead Time for Changes by 99%

Background

The company is a cybersecurity provider working with top manufacturers to safeguard critical data. The company’s solution is delivered via a cloud-based platform that orchestrates data distribution into customer data lakes, where it’s used for application development. 

Crucially, due to the sensitive nature of the data in question, the security solution is deployed within each customer's own cloud perimeter in a series of Kubernetes clusters. 

All interactions, including ongoing access and updates, are managed through these clusters, hosted by the customers but securely maintained by the company.

Challenge

Working with large global manufacturers meant that each of the company’s customers managed its cloud in accordance with its own specific security standards. 

This created a variation of scenarios and presented significant operational challenges, necessitating the company to customize processes and services, leading to high costs and inefficiencies. 

Moreover, access management also presented a challenge; every time the team connected to a customer’s cloud environment, they had to obtain permissions manually from the respective client.

This lack of consistency forced the team to manually connect to each customer cloud every time they needed to make changes to the cluster.

These dependencies, amplified by the inability to run continuous processes or make changes in bulk, resulted in critical issues that took days and even weeks to fix. Often, by the time the fix was implemented, the team already had new updates they needed to roll out.

Adding to the complexity, the fractured manual process hindered audibility and the implementation of coherent governance processes, needed to better ensure the security of the customer’s sensitive data.

Solution

The cybersecurity company approached env0 with a proposition to use its self-hosted Kubernetes agent to securely access and manage resources across all of its customer clusters. 

Using env0 as a centralized hub for all configuration changes, the security company managed all interactions with those clusters and rolled out changes in a single swoop. 

To achieve that the company implemented the following process:

1. env0 agent was installed in its Kubernetes cluster across all relevant customers' cloud environments.
2. The agent received permission to manage the company’s assets running on the cluster while being completely isolated from other resources.
3. The engineering team utilized the env0 agent to control selective or collective changes.
4. Centralized logging features in env0 were employed for audit logs of all engineering activities, enhancing security governance.

Additionally, the company utilized env0’s drift detection to identify and resolve potential issues caused by other teams working on the same cloud environment.

Results

The implementation of env0 has brought about several benefits:

• Operational efficiency - The automated process has reduced overhead from manual tasks, streamlining customer onboarding and accelerating updates, ultimately saving time and improving customer satisfaction.
• 99% reduction in lead time for change - Changes to K8s clusters now take a mere 30 minutes with env0, a significant improvement from the previous weeks-long process.
• Process coherency - env0 allowed for setting up coherent and consistent processes across diverse customer environments, saving time and effort previously spent on customization.
• Improved security and visibility - env0's audit logs enabled monitoring of activities, ensuring actions are secure and free from inadvertent risks to customer environments.
• High-quality services - With env0, the company could offer a seamless SaaS-like experience, simplifying cluster management and environment modifications. Customers benefit from efficient management of complex K8s clusters, saving time and enhancing satisfaction.