How Cloud Comrade built a highly secure and scalable Managed Services Capability with InfraGuard.
By Kislay Chandra
“InfraGuard allows us to comply better with ISO certification requirements and cloud platform provider best practices by giving us greater control over compliance and process automation. InfraGuard builds trust between our customers and Cloud Comrade as we are able to deliver managed services in a far more secure manner on Cloud than many companies could ever dream of having on-premise. ” - Andy Waroma, Co-founder (Cloud Comrade)
Cloud Comrade Pte Ltd enables businesses and government organizations to migrate, optimize and manage cloud environments. As a fast-growing company, they were cognizant of the fact that Managed Services capability can get complicated and less-secure as organization scales - especially when multiple cloud platforms come into play. By using InfraGuard’s policy-driven, automated and OS-agnostic approach, they were able to automate maintenance, centralize server & user management and make scaling simpler.
About Cloud Comrade:
Established in 2014, Cloud Comrade is an enterprise-focused, Singapore-based cloud computing consultancy. The company offers a range of cloud IT services from strategy and design to deployment or migration and management of customers' IT infrastructure including 24/7 monitoring, maintenance, backup, and recovery. They are a partner with Amazon Web Services, Google Cloud Platform, Alibaba Cloud and Microsoft Azure. They are constantly innovating to ensure that their customers have access to the highest quality, fastest-growing and most innovative cloud toolsets that are available today.
With ST Telemedia as an investor, Cloud Comrade has a growing portfolio of infrastructure software solutions to pursue market opportunities, accelerate customer expansion, and enhance customer offerings. They have a presence in Indonesia, Malaysia, and India.
In the case of Managed Services providers, it will be safe to say “With great customers come great complexities”. The responsibility of maintaining client servers needs continuous attention on security, access, people and systems. There are attached complexities in hiring the right-skilled workforce that can be trusted with customer workloads. Further, the processes should account for limiting manual errors as much as possible, particularly for a fast-scaling company. A large team working on a large number of client infrastructures meant that access management could become very complicated very fast.
Cloud Comrade wanted a comprehensive solution that enabled Privileged Access Management on one part while also providing Automated Server Management. Limiting access to only the necessary personnel (role-based policies) while maintaining a forever log of actions performed were part of the requirement.
For the company, it was difficult to have a bird’s eye view of the entire inventory under management as they were managing hundreds of servers in multiple regions and with multiple cloud providers. This lack of view was also making it difficult to take bulk actions and even repetitive work had to be done manually.
These challenges continued when faced with specialized tasks such as Patch Management and Key Rotations.
The management knew that secure automation of these tasks was the answer, and they were looking for a custom solution that could ease up processes while enhancing security on every layer.
InfraGuard was the perfect fit for this use case - a single tool that is able to replace multiple software as well as the bulk of manual processes that could have proved a hindrance in scalability.
Cloud Comrade uses OKTA as their identity provider. Since Okta has native integration with InfraGuard’s login, the setup was easy and quick. Roles and policies for each personnel were clearly defined and enforced. The administrators had the most privileges while the readers had the fewest - Cloud Comrade could easily allocate the relevant roles to their team. There was absolute control on which employees could access which servers, and also a granular limitation on what they could do on their assigned servers. This control came with complete peace of mind for the company as now it could securely handle any number of clients.
InfraGuard’s built-in flexibility to segment servers and group them into projects enabled a clear bird’s eye view of the entire inventory. This was especially helpful as Cloud Comrade was managing multiple clients. Bulk actions could be performed on any number of servers with a single click.
Operationally, the company had the ability to run scripts on any server without creating or sharing access keys. They could store frequently-run scripts centrally and run it on any number of servers by just two clicks. Optionally, they could also schedule this execution for a later date.
The two teams worked together to create custom policies to automate standard operating procedures. These policies were then assigned to groups of servers to run at defined time intervals. This enabled Cloud Comrade to never touch the customer’s environment once suitable policies were at the place.
This auto-pilot mode was a huge help in streamlining Managed Services. The concept of monthly maintenance moved from the employee’s task list to the employee’s inbox. For example, even for a specialized task like Patch Management, servers attached to policies were scanned, patched and the final report was delivered to admins at Cloud Comrade via mail without any manual intervention.
The auditing & logging was also complete as InfraGuard provided a comprehensive report of actions taken on any server as well as the action done by any user. This report too could be emailed on a set schedule.
Working in complete synergy with InfraGuard, Cloud Comrade is now fully future-proof as it scales and expands into new territories. The manual processes have been automated, policies for access have been implemented and repetitive tasks now run on auto-pilot on an approved schedule. As Cloud Comrade expands, its clients too are now more secure and protected from maintenance or security pitfalls.