read

Expanding our Industry Leading Risk Management Solutions

By Nathan Biggs

As recognized by Gartner, OpsCompass is one of the industry’s leading providers of Cloud Security Posture Management (CSPM) solutions. CSPM is vital for organizations deploying their applications to the cloud in order to ensure that vital security configurations are established and maintained. OpsCompass does this by validating our users’ cloud configurations against industry-standard security controls and benchmarks such as CIS and NIST.

But security is only one of the risks that organizations need to be tracking in their cloud environments. OpsCompass has expanded our solutions beyond CSPM to what we have called Cloud Security and Configuration Management (CSCM). This recognizes that it is also important to monitor resource configurations for regulatory compliance, to watch how configurations drift to ensure against runaway cloud costs, to implement accountability measures, and to provide actionable steps that our customers can take to resolve concerns. There is one risk profile, however, that no CSPM vendor, except for OpsCompass, is helping their customers address, and that is the risk of uncontrolled vendor licenses.

 

Staying Compliant During a Cloud Migration

 

While attending the VMworld conference in 2017, I watched the VMware Cloud on AWS solution was rolled out. They invited Karine Semmer, then Director of IT Hosting Transformation and Modernization at Medtronic, to speak of her experience using the VMC on AWS in a pre-release trial. She said how great it had been, but then made the following statement that really caught my attention, “The one challenge which I think many of you will recognize if you have done anything contractually around licensing, going from on-prem to cloud, that again is our more significant challenge. One that is true for the cloud industry.

What Ms. Semmer identified in 2017 is still true today – uncontrolled license usage from software vendors like Oracle, Microsoft, and IBM, represent a costly and potentially even existential risk to organizations both on-premises and in the cloud.

To illustrate the magnitude of the potential risk, let’s consider running an Oracle database in AWS or Azure. Let’s say that an organization is running all of their Oracle databases in the cloud using 500 virtual CPU (vCPU). With hyperthreading enabled, that requires 250 Processor licenses of Oracle Database Enterprise Edition. Without knowing the potential impact, this organization’s database administrator performs a DataPump export on all of the databases and enables the Compress-All flag, and also enables Encryption to keep the data secure. Since the organization does not own any licenses for the Advanced Compression, or Advanced Security database options, they are now out of compliance in their cloud usage. At Oracle’s list price, this is a financial impact to the organization of over $8 million!

To address this risk, OpsCompass is providing a first-of-a-kind solution – the OpsCompass License Manager (OLM). OLM works on-premises and in the cloud to monitor critical software license compliance, such as Oracle databases and the licensable database features. By tracking all of the licenses that a customer has purchased, and actively monitoring the usage of the software, we will identify and alert on events where the usage exceeds the available entitlement.

House of Brick, the global services division of OpsCompass, has more than 22 years of experience helping customers avoid the risks and costs associated with enterprise applications, such as those using Oracle database. The uncontrolled usage of Oracle database features is the single biggest cost and risk area that House of Brick’s thousands of clients have faced in the hundreds of audits that we have defended. OpsCompass License Manager captures that extensive audit defense experience to actively and automatically watch the databases in the cloud, or on-premises, to ensure this risk is effectively mitigated.

Moving enterprise-critical workloads to the cloud brings many advantages to our customers. There are also significant risks in the cloud that must be addressed early in the migration process. OpsCompass products and services address these risks so that your cloud experience can be focused on enterprise success rather than worrying about disruptive and costly pitfalls.

Tags: Security & Compliance, Cloud Security Posture Management, Cloud Security