Download PDF
Rapid7 > Case Studies > Maximus Enhances Compliance and Minimizes Risk with Rapid7 Cloud Security
Rapid7 Logo

Maximus Enhances Compliance and Minimizes Risk with Rapid7 Cloud Security

Technology Category
  • Cybersecurity & Privacy - Cloud Security
  • Infrastructure as a Service (IaaS) - Public Cloud
Applicable Industries
  • Cement
  • National Security & Defense
Applicable Functions
  • Logistics & Transportation
  • Quality Assurance
Use Cases
  • Leasing Finance Automation
  • Tamper Detection
Services
  • Cloud Planning, Design & Implementation Services
The Challenge
Maximus, a leading strategic partner to governments worldwide, faced a significant challenge in enforcing standards and ensuring consistency across all public cloud environments. With over 200 AWS accounts under management and a growing Azure presence, visibility into numerous projects spanning AWS and Azure was critical. The company needed a solution that would enforce standards across all public cloud accounts and regions, provide visibility into non-compliant resources, create an exception process for certain resources, and deliver an automated way to take remediation action. Enforcing standards across the entire enterprise with hundreds of AWS accounts and Azure subscriptions and different support models was a daunting task.
About The Customer
Maximus is a leading strategic partner to governments across the globe, helping to improve the delivery of public services amid complex technology, health, economic, environmental, and social challenges. The company delivers innovative business process management, impactful consulting services, and technology solutions that provide improved outcomes for the public and higher levels of productivity and efficiency for government-sponsored programs. Maximus has a deep understanding of program service delivery, acute insights that achieve operational excellence, and an extensive awareness of the needs of the people being served.
The Solution
To address these challenges, Maximus implemented InsightCloudSec, Rapid7’s cloud risk and compliance solution. Rapid7 worked with Maximus to customize the product release to meet their compliance requirements, resulting in an increased total compliance score across Maximus’ multi-cloud environment. Maximus chose Rapid7 for its consolidated visibility of active cloud resources running across multi-cloud environments, continuous monitoring and assessment of compliance against customized organizational security standards, real-time detections of compliance state changes, and the ability to both manually and automatically enforce compliance and update configurations and access permissions of non-compliant resources. The ease-of-use of Rapid7 InsightCloudSec was a deciding factor, with its ability to easily scale and integrate with Splunk to enrich data and display it in consumable dashboards for Security, IT, and project owners.
Operational Impact
  • The implementation of Rapid7 has had a positive impact on Maximus’ security environment, unifying their security standards across all AWS and Azure accounts. The company has begun using auto-remediation bots where needed and has gained a more holistic view of their compliance across their entire footprint. The data provided by InsightCloudSec has increased confidence in the recommendations presented to account owners across Maximus and its different business divisions. The total compliance score under their Corporate Master Payer Account has improved, and guardrails are now enforced through automation, reducing the volume of non-compliant resources. Resources built in a non-compliant way are automatically remediated, disabled, deleted, or flagged, leading to quicker action on non-compliant resources and better visibility into the environments.
Quantitative Benefit
  • Monitoring of 44,000+ different AWS resources
  • Monitoring of 100,000K+ Microsoft Azure resources with 80+ Insights
  • 30+ insights/bots monitoring their environment with automated remediation abilities

Related Case Studies.

Contact us

Let's talk!

* Required
* Required
* Required
* Invalid email address
By submitting this form, you agree that IoT ONE may contact you with insights and marketing messaging.
No thanks, I don't want to receive any marketing emails from IoT ONE.
Submit

Thank you for your message!
We will contact you soon.