Developing a Unified Approach to Multi-Cloud Security for California State

About the Company
The Vision and Challenge
The California Department of Technology (CDT), Office of Information Security (OIS) recognized the importance of preparing for State entities to migrate significant internal and customer applications into the cloud. To ensure that these efforts were realized with appropriate secure development processes, security architecture, configuration, and monitoring/management capabilities, CDT sought out a consultant with strong cloud development, security architecture, and operation expertise.
InterVision was chosen by competitive bid to be the CDT’s cloud technology security partner with the expertise and authority to develop a unified approach to secure cloud adoption and operation across cloud providers. With a strong cloud services practice made up of experts who have garnered the experience and education to ensure entities’ assets are safely migrated to the cloud, we were well-positioned to execute the project with minimal to no downtime or interruption to their daily services.
InterVision had led a previous Palo Alto Networks (PAN) and F5 deployment with the company, which included scripting. As a result of this earlier engagement, the company knew of our ability to execute with quality on a tight timeline and trusted us as challengers to the status quo. They viewed InterVision as a strategic partner for security automation, which made us a good candidate for the project.
The Outcome
These security standards were set with the knowledge and input of key government officials. We assessed current infrastructure management and policies and adapted them to the cloud. InterVision developed DevOps/SecOps tools and processes to support both multi-cloud and hybrid cloud environments.
To date, we have developed a plan for CDT to develop and implement policies, controls, services, and products in alignment with the NIST Cybersecurity Framework (CSF). For each subcategory in the NIST CSF, we have recommended specific capabilities to support State entities. We have also developed an approach to governance at scale, utilizing centralized ITSM for account management, security and compliance automation, as well as budget and cost control. We are supporting CDT’s infrastructure services team in defining infrastructure management and application delivery tools and processes, including utilizing version control, infrastructure as code, and automated deployment.
AWS Services Utilized:
- AWS Direct Connect (Hybrid Cloud)
- Multi-cloud
- AWS CloudFormation
- AWS Organizations
- AWS Service Control Policies
- AWS Permissions Boundaries
- AWS Artifact