About the customer
As a leading IT consultancy and cloud services provider in Europe, Hardis Group helps companies transform their IT operation and application infrastructures to accelerate innovation with private cloud, public cloud, as well as hybrid cloud by effectively combining their IT production. With strong international growth, Hardis Group needed to strengthen the security of ‘cloud-native’ applications and cloud services to meet customer demands.
Software Development Services
The Challenge for Hardis Group
Anticipate new IT challenges
Over the years, Hardis Group has built and implemented a robust security policy on its infrastructure in order to offer secured Information Security service to their customers. But as mobility, connected devices and the number of open and heterogeneous information systems proliferate, the risks for business continuity and data breaches have become a prime concern. The IT team must be able to identify the security weakness amongst their machines and networks and their associated vulnerabilities to prevent potential cyber-attacks before they happen. Most of Hardis’ assets are virtualized to optimize IT resources. However, the adoption of elastic infrastructure and virtual machines opens the floodgate for shadow IT, posing new challenge for the team to carry out regular checks and address all updates, vulnerabilities, and misconfigurations across thousands of machines and networks.
Enhancing long-term security with Outpost24
To tackle this challenge, Hardis Group turned to Outpost24’s full stack cyber assessment platform for real-time vulnerability assessment solution for its infrastructure and cloud environments. They chose Outpost24 over other vendors for several reasons:
- Time to value: The ability to automatically discover all assets across thousands of networks and cloud instances provided a solution for shadow IT and a huge time-saving. The IT team is able to gain full visibility of the infrastructure and easily group their networks and servers and define the scope for continuous testing.
- Ease of vulnerability prioritization: The reports returned from security scans are often too vast for IT teams to digest and take meaningful actions on. Outpost24’s solution-based reporting cuts through the noise and provides Hardis Group with actionable insights that are easy to understand and act on. By presenting only relevant scan results, it makes it possible for the team to understand the context of their cyber exposure and prioritize remediation based on business criticality and quick-wins.
- Superior user experience: “The product is smart and intuitive. The automation features have been crucial for our teams” adds Jérôme Mollaret, cybersecurity manager at Hardis Group.
Ensuring and automating compliance
Tens of thousands of daily tests are automatically performed on servers and configurations to ensure Hardis Group’s meets the compliance requirement for security best practices set by the ANSSI (the National Cybersecurity Agency of France) and CIS hygiene guide. Using Outpost24, the IT team can automate the tests and benefit from real-time alerts and comprehensive reports. Real-time alerts ensure the team can remediate any critical vulnerabilities immediately when discovered and reduce the threat of cyber attacks in a timely manner. Finally, large-scale automation and Outpost24’s unique clone technology make it possible to monitor several thousand cloud servers at the same time and minimize the impact of system performance to achieve cost savings and uptime guarantees
Recent cyber-attacks (WannaCry / NotPetya) highlighted the need to continuously assess the security posture of the IT infrastructure. Companies with a vast infrastructure like Hardis Group cannot afford to fall behind security best practice and compromise customer trust. Continuous monitoring of all assets with automation and solution-based reporting with Outpost24 were, therefore, essential to optimize the use of security resources and reduce the attack surface for the Hardis Group.
- Auto-discovery technology: identifies all assets quickly
- Continuous monitoring of thousands of servers
- Connectors: VMware / AWS / Azure / Google Cloud
- Cloning technology: to perform in-depth analysis
- Support: the team is reactive and available
- Reports: easy, comprehensive and understandable