Login
Sonrai Security website logo for identity and data governance and cloud security

Case Study Header

Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Quis ipsum suspendisse ultrices gravida. Risus commodo viverra maecenas accumsan lacus vel facilisis.

About RMS
Risk Management Solutions, Inc. (RMS) is a leading technology company that focuses on delivering catastrophe risk modeling to help insurers, financial markets, corporations, and public agencies evaluate and manage risk. Insurers, reinsurers, trading companies, and other financial institutions trust RMS to better understand and manage the risks of natural and human-made catastrophes, including hurricanes, earthquakes, floods, terrorism, and pandemics.

The Problem | The Goals | The Result

The Problem

RMS wanted greater visibility into the total number of cloud accounts across AWS and Azure and whether these accounts were configured appropriately. More importantly, they wanted greater insights into how data could be accessed across these public cloud environments by the large number of active compute instances.
As a subsidiary of Daily Mail General Trust, RMS adheres to comprehensive compliance checks and mandates since they hold data for many companies across the globe. Tracking data movement and access is critical for mandates like GDPR.
“Sonrai Security provides us with complete visibility of platform, identity, and data risks across our large AWS and Azure cloud infrastructure. The platform has become the cornerstone of the RMS public cloud risk management and security program.”

Kyle Watson | Security Architect

The Goals

First, there were tactical issues and platform configurations that needed remediation. Second, there were some unman-aged legacy cloud accounts that were interacting with RMS core cloud accounts. Lastly, there were gaps in security best practices that needed to be addressed at the development level. These issues included key rotation issues, open network groups, and identities that were too over-permission-ed.
Tactical issues and platform configurations that needed remediation.
Unmanaged legacy cloud accounts that were interacting with RMS core cloud accounts.
Gaps in security best practices that needed to be addressed at the development level.
“Sonrai Security helped us identify a number of legacy cloud accounts that we had believed were shut down, that were actually still active and in use.”

Kyle Watson | Security Architect

The Results

By understanding interactions and originating identities, RMS was able to identify and establish all trust relationships between accounts. Compliance and platform posture gaps were quickly addressed as Sonrai identified problems at their source. Finally, the Sonrai platform’s continuous monitoring of identity, access, and least privilege ensures best practices are adopted across RMS DevOps teams.
“Sonrai Security helped us identify a number of legacy cloud accounts that we had believed were shut down, that were actually still active and in use.”

Kyle Watson | Security Architect

© 2020 Sonraí Security. All rights reserved | Privacy Policy

Sonrai Security cloud security platform, products and services are covered by U.S. Patent No. 10,728,307, together with other domestic and international patents pending. All rights are reserved.

magnifier