NASA Case Study

How Cloudaware helped NASA attain complete cloud visibility and secure cloud infrastructure

1. About NASA

NASA is one of the largest users of Amazon Web Services (AWS), leveraging over 5,000 EC2 instances and nearly all AWS services across more than 30 different projects and laboratories.

2. Challenges

Securing such a vast and complex cloud environment using a consistent approach was a major challenge for NASA. A lack of visibility into multi-cloud assets further complicated efforts. With so many users and projects, maintaining consistent security was critical to prevent data breaches. The team needed a way to detect and respond to threats, ensure compliance, and maintain control.

3. Solutions

To address these challenges, NASA partnered with Cloudaware, a leading AWS management and security solutions provider. Cloudaware's platform offered a comprehensive set of capabilities:

• Cloudaware CMDB: provided comprehensive discovery and maintained a detailed inventory of NASA's cloud assets, giving them full visibility and allowing them to understand the scope of their environment. • Cloudaware Incident Management: threat monitoring and incident response to detect and mitigate security threats, including insider threats and advanced persistent threats. • Cloudaware IT Compliance: compliance verification to ensure NASA's cloud environment met relevant security standards like HIPAA, PCI, and FISMA. Automated change detection and management to identify and respond to non-compliant changes in the cloud infrastructure. • Cloudaware Vulnerability Management: integration with security tools like Nessus and WhiteHat to provide a holistic view of vulnerabilities and risks.

4. Implementation

The Cloudaware platform was deployed across NASA's entire AWS environment over a 6-month period, which involved: • Deploying the CMDB module to enable comprehensive discovery and provide a detailed, up-to-date inventory of cloud resources, including EC2 instances, services, and assets across NASA's 30+ projects. • Integrating Cloudaware with NASA's existing security and IT management tools. • Configuring custom policies and workflows to align with NASA's security requirements. • Training NASA's IT and security teams on how to use the Cloudaware platform. • Ongoing monitoring, optimization, and continuous improvements based on feedback.

5. Results

• After implementing the Cloudaware solution, NASA saw significant improvements in their cloud security posture: • 100% visibility into all changes made across their AWS environment. • 22% reduction in the time required to review and approve changes. • 36% decrease in the number of security incidents and data breaches. • Improved compliance with relevant security standards, reducing audit findings.

6. Testimonial

"Cloudaware has been a game-changer for securing our cloud infrastructure. The CMDB platform gives us complete visibility and control, allowing us to quickly detect and respond to threats while ensuring our cloud environment remains compliant. The team has been a true partner in helping us navigate the unique security challenges of the public cloud." Linda Cureton, NASA CIO

7. Conclusion

By taking a proactive, process-driven approach to cloud security, NASA was able to significantly improve the security and compliance of their AWS environment. If your organization is facing similar challenges in securing your public cloud infrastructure, we encourage you to explore how Cloudaware can help. Contact us today to schedule a demo and learn more about our solutions.