iland, an enterprise cloud services provider, wanted to enhance their Enterprise Cloud Services (ECS) platform with greater security to meet customer needs. They turned to Nessus® for:
- API programmability to customize a seamlessly integrated security solution
- Extensive compliance auditing for regulated industries
- Reputation as the world class standard for vulnerability management
By integrating security products such as Nessus into ECS, iland built Enterprise Cloud Services – Advanced Security, providing granular level control that enterprises are accustomed to with on-premises solutions.
About the Organization
iland, an award-winning enterprise cloud hosting provider, is a privately held company headquartered in Houston, Texas with eight data centers world-wide across the US, UK and Singapore. Known for their superior customer relations, iland caters to mid-sized and large companies, providing an alternative to the large cloud service providers for organizations that are looking for more granular level control over their cloud assets.
iland offers cloud services built on their enterprise class VMware vCloud platform, Enterprise Cloud Services (ECS). Recently, iland decided to offer greater security protection to their customers. So they did an analysis of their competitors, including some of the larger public cloud providers, and realized that those services offered bolt-on security solutions that required the management, maintenance and expense of additional third-party tools. But iland wanted to deliver a one-stop security and compliance solution to their customers.
The Tenable Solution
iland decided to create Enterprise Cloud Services - Advanced Security (ECS-AS), a public cloud offering that provides security services and regulatory compliance, including vulnerability management through the seamless integration of Nessus into ECS. Because many companies don’t have the budget for cybersecurity specialists or expensive security tools, ECS-AS offers an attractive cloud-based solution for mid-sized companies in industries such as healthcare, financial services, and other regulated organizations.
iland researched several security solutions and chose Nessus for vulnerability management for several key reasons:
- Nessus is accepted as the gold standard for vulnerability management by customers worldwide.
- Nessus offers a powerful API. Without this programmatic interface, iland could not have successfully integrated Nessus capabilities into their own product. This “baked in” approach facilitates security management and control for their cloud customers, eliminating the management of a separate tool. “Programmatically accessing data is so important,” said Justin Giardina, iland CTO. “As a service provider, it is very hard to find enterprise grade technologies to use programmatically.”
- Competitive pricing – Nessus is competitively priced, offering an attractive upgrade for iland customers wishing to migrate to the new platform from ECS.
- Superior reporting capabilities – iland used many Nessus reports out of the box as they were easy to consume and analyze for customers.
Together with Nessus, iland’s Enterprise Cloud Services - Advanced Security (ECS-AS) provides central intrusion detection, vulnerability management, and regulatory compliance, assuring iland customers that they have the best protection for their cloud-based systems.
ECS-AS also offers customers another important business advantage: regulatory compliance. With several healthcare organizations as customers, iland now provides on-demand HIPAA compliance reporting in ECS-AS through the use of Nessus HIPAA auditing templates. PCI compliance reporting is on the iland roadmap for 2016 offerings.
Thanks to the Nessus API, iland had their ECS-AS offering up and running in just two short weeks. And for iland customers who want to migrate their cloud services from ECS to ECS-AS, there is no downtime; the move is non-intrusive. iland has also gained new customers who are migrating from on-premises systems to ECS-AS, particularly for auditing capabilities.
Because Nessus is so well known and respected as the global standard for vulnerability management, Giardina notes that “our security-minded customers are pleased to hear that we are using Nessus in ECS-AS; they love Nessus.”
ECS-AS users reaped the benefits of Nessus security almost immediately.
- “When a customer comes on board, we feed their public IP addresses into our Nessus scanners,” explained Giardina. “Customers get an alert if a critical vulnerability is found. Several customers who had been using ECS for 3-4 years and thought they were totally secure were surprised when ECS-AS delivered their first Nessus-generated vulnerability alerts which identified weaknesses that they were not aware of. The ability to locate vulnerabilities quickly and to link to the specific CVEs delivered instant value that our customers really appreciated.”
- “We can scan our global footprint within a 12 hour timeframe,” stated Giardina. “It’s a testament to Nessus that it is very efficient.”
- Business owners as well as security analysts have been pleased with the addition of Nessus. Giardina explained, “With ECS-AS, our customers improve their security posture, particularly if they don’t have the skill set or a solution on-prem. We’re selling peace of mind to the business owners.”
- “We’ve also found that cloud developers often spin up nodes but may forget to turn off VMs that they no longer need. While the cloud can be friendly for provisioning servers, it can be a nightmare for admins in charge of change control,” said Giardina. “The Nessus vulnerability reports help busy admins gain complete visibility into their systems.”
- “ECS-AS helps our customers take on more mature and complex cloud use cases,” noted Monica Brink, Director of Product Marketing. “A lot of customers are using cloud for dev test environments, but with the added security that Nessus helps deliver, they can move to production and live apps. Nessus helps position iland as a leader in cloud security and compliance.”
Initial reception for ECS-AS has been outstanding, so iland is busy planning for future enhancements. Top of the list is Nessus Agents. “If we can offer an agent within the operating system, we can get more detail for our customers,” said Giardina. “If we can scan more than just the customers’ public IP addresses and get behind the firewall, that will be another value add.”
ECS-AS security reporting features will soon include a vulnerability footprint graph, an accounting of vulnerability assessments and statuses over the past year, and a progress report on improvements made as a result of discovered vulnerabilities over time. iland will also be offering scheduled scans for ECS-AS customers so they can go beyond weekly scans and create a schedule that suits their particular needs.
Compliance auditing is also an important part of their 2016 plans, including PCI scans with Nessus.