Are you struggling to keep up with manual compliance across your infrastructure? In this 25-minute episode of the Pulling the Strings podcast, powered by Puppet, learn how Puppet Comply makes automating your configuration compliance easy -- with full view dashboards and the ability to assess, remediate and enforce all through the Puppet Enterprise solution. Listen in and discover:
Cloud environments are susceptible to security issues. A big contributor is misconfigured resources. Misconfigured S3 buckets are one example of a security risk that could expose your organization’s sensitive data to bad actors. Policies and regular enforcement of best practices are key to reducing this security risk. However, manually checking and enforcing security is time-consuming and can fall behind with all the demands a busy DevOps team faces every day.
Regulatory compliance is time-consuming and expensive. A recent survey of IT security professionals found that, on average, organizations must comply with 13 different regulations and spend an average of $3.5M annually on compliance activities, with audit-related activities consuming 232 person hours per year. With a team of five people, that adds up to 1.5 months a year devoted to audit-related activity. That’s a lot of hours that could have been spent on initiatives driving customer value.
CFEngine 3.17.0 introduced custom promise types, which enable CFEngine users to extend core functionality and policy language in a simple way. As an example of the power and simplicity of this new feature, I will show a promise type that helps to observe a website’s status. The module which implements this promise type was written in a couple of hours.
Several months ago I started the practice of using CFEngine Enterprise and its Mission Portal UI on a daily basis to manage the connected devices in my home. To start, I brought up an old desktop machine, cfengine-hub, to use as my hub and downloaded Enterprise, which is free for use up to 25 hosts. The next step in using best practices is to deploy policy from a version control repository.
Providing breakthrough IT operations requires ITSM, DevOps, and other ITOps leaders to efficiently and economically deliver exceptional employee experiences and high-performing business applications. Achieving these expectations isn’t easy.
In my previous work experience, monitoring certificate validation was critical to our team. These certificates were used to sign commercial transactions between the payment gateway (us) and other providers. That check was manual and depended on the calendar of one person. So, if that person forgets to notify the team about the upcoming expiration of one certificate and doesn’t start the procedure of getting the new one, well, the platform starts to fail.
Using the cloud reduces on-premises infrastructure costs and related maintenance. Instead of deploying more servers, storage, and networking components to your own datacenter, you are now deploying these as cloud resources. Using the cloud is supposed to reduce infrastructure and maintenance costs. However, deploying cloud resources also risks over-commissioning, under-usage, and keeping resources running that are not always needed or, even worse, no longer in use.
