Download PDF
Xero Chooses Cloudpassage Halo for Workload Security at Devops Speed
Technology Category
- Cybersecurity & Privacy - Cloud Security
- Infrastructure as a Service (IaaS) - Cloud Computing
Applicable Industries
- Software
Applicable Functions
- Discrete Manufacturing
- Product Research & Development
Use Cases
- Cybersecurity
- Manufacturing System Automation
Services
- Cloud Planning, Design & Implementation Services
- Cybersecurity Services
The Challenge
In 2014, Xero was experiencing strong growth and needed new technologies to support their next wave of growth. They needed technologies that would enable fast scalability, fast infrastructure deployment, and automated security. Xero solved the first two challenges by moving their IT infrastructure from a traditional outsourced datacenter environment to a public cloud environment— Amazon Web Services. However, finding a security system that was fully automated and could keep up with their fast-paced DevOps environment was a challenge. Most IT security products on the market would not perform efficiently in such an environment. Xero’s lead security architect, Aaron McKeown, wanted to provide Xero’s DevOps teams with a set of strong security controls that could be baked into their DevOps processes, not bolted on after the fact.
About The Customer
Xero is a company that develops cloud-based accounting software for small and medium-sized businesses. They have over 860,000 subscribers in more than 180 countries, and their software accounts for over $1 trillion of incoming and outgoing transactions per year. In 2014, after several years of strong growth, Xero knew that they needed some new technologies to support their next wave of growth. Specifically, Xero needed technologies that would enable fast scalability, fast infrastructure deployment, and automated security.
The Solution
After a lengthy search for the right security tool, McKeown chose CloudPassage Halo. Halo met all of McKeown’s requirements, and then some. Built for speed, Halo is fully automated, everything from installation of agents all the way through to policy assignment, alerting ,and reporting. Halo’s architecture supports elastic operating environments and can scale just as fast as your operations teams can deploy new workloads. McKeown was able to realize his dream that developers would never need to log into the Halo security console. All operations could be done programatically through the API. Halo includes several different kinds of security controls that allowed McKeown to minimize the software attack surface, reduce the network attack surface, ensure that Xero’s workloads have not been compromised, and maintain compliance with PCI data regulations. Halo is able to transmit all of the information that it learns about the security posture of Xero’s workloads to Xero’s SIEM which is Splunk.
Operational Impact
Related Case Studies.
Case Study
Factor-y S.r.l. – Establishes a cost-effective, security-rich development environment with SoftLayer technology
Factor-y S.r.l., a web portal developer, was faced with the challenge of migrating its development infrastructure to a reliable cloud services provider with highly responsive technical support. The company needed a solution that would not only provide a secure and reliable environment but also support its expansion by providing resources to create and deliver innovative offerings.
Case Study
Darwin Ecosystem: Accelerating discovery and insight through cutting-edge big data and cognitive technologies
Darwin Ecosystem was founded with a unique vision of harnessing chaos theory mathematics to uncover previously hidden connections in unstructured data. The company’s algorithms can look at all the data generated by any source (such as news, RSS feeds and Twitter), and analyze how a specific set of concepts within that data are evolving over time. This is particularly valuable in situations such as business and competitive intelligence, social research, brand monitoring, legal discovery, risk mitigation and even law enforcement. A common problem in these areas is that a regular web search will only turn up the all-time most popular answers to a given question – but what the expert researcher is actually interested in is the moment-tomoment evolution of the data available on that topic. Darwin’s algorithm is computationally intensive, and the sources of data it correlates can be vast. To bring its benefits to a larger commercial audience, Darwin needed to find a way to make it scale.
Case Study
Zend accelerates, simplifies PHP development
Zend Technologies, a major contributor to the PHP open source community, needed to keep pace with emerging trends such as mobility, agile development, application lifecycle management and continuous delivery. The company needed to provide the right tools to the worldwide community of PHP developers. The challenge was to support enterprise-class capabilities from end to end, including mobile, compliance and security. The pace of business required developers to show results fast across a variety of devices without compromising quality or security.
Case Study
Delivering modern data protection with cloud scale backup from Cobalt Iron and IBM
Organizations are struggling to modernize their legacy data protection environments in the face of growing demands around new infrastructure, new applications, and budget consolidation. Virtualization and modern application development processes have significantly outgrown legacy backup architectures. In response, infrastructure teams have created multiple backup solution types to handle the varying SLAs (performance, scale, cost) required by their business sponsors. However, the sheer number and variety of solutions in this uncontrolled expansion creates huge amounts of work, threatening to overwhelm the IT team in many organizations. Today, developers may add new applications and virtual server instances by the hundreds per day without accounting for the restrictions of the existing backup infrastructure. They leverage the cloud for immediate compute and storage resources, yet rarely communicate succinctly with corporate IT to ensure that the appropriate data protection services are in place.
Case Study
Achieving near limitless scalability and flexibility with data in the cloud
Web-based publishing platform SpaceCraft found that as its client base grew, it was spending an increasing amount of time managing its databases, distracting its focus from product innovation. As its user base rapidly expanded, data volumes at SpaceCraft began to rise dramatically. Along with their main focus on maintaining and further developing a great platform for web publishing, the SpaceCraft team had the added pressure of managing the increasing quantities of data while ensuring ongoing high performance for clients.
Case Study
nViso SA – Delivers emotion recognition solutions worldwide with a scalable SoftLayer hosting solution
nViso SA, a company that provides emotion recognition solutions, was in need of a high-performance cloud hosting infrastructure. The company wanted to extend its services to a global customer base. The challenge was to find a solution that could handle the demands of their growing customer base and the need for high performance and reliability.