Cloud Governance, Compliance and Security
Kumolus integrates Cloud Management tightly with Governance, Compliance and Security by helping you define, continuously monitor and audit your policies. Kumolus automates and controls the processes that allocate your Cloud resource deployment and configuration.
Enterprise Governance and Security Compliance
Every organisation is challenged by the question of “how do we balance governance and control with the need to provide users the self-service agility and flexibility that cloud IT provides?” The Kumolus platform allows you to implement ‘fine-grain’ access controls across the user community to achieve the governance and control you need.
Federated Cloud Management
Kumolus is a full stack application centric next generation Cloud Management Platform enforcing Federated policy, compliance, cost management and governance. The Kumolus Cloud Management platform provides delegated authority to tenants, departments, LoB and teams whilst invisibly enforcing security, business assurance and cost management.
Cloud Backup Automation
Scheduled Cloud Backup is included within the Kumolus Cloud Management Platform. Federate both in and out-of-region snapshots for EBS Volumes, Database, Database Snapshots, Root Volumes, Volume Snapshots and Servers. Enforce deletion of AMI, detached Volumes and clean up orphaned Snapshots.
Global Security Dashboard
Visualise existing security posture, understand the risk level and remediate the threats based on automated recommendations. Enforce on-going security posture utilising Kumolus comprehensive pattern control automation capability and continuously validate for non-compliance.
Identify Security Vulnerabilities and Remediate
Identify, classify and re-mediate potential security risks and exposures via our detailed drill through dashboard. Automate security validation against ASGs, EBS volumes, EBS, ELB, IAM, KBS and many more services. Enforce security posture via template patterning and continuously identify anomalies within your Cloud security perimeter.
Kumolus enables SOE control of AMIs and services to assist in the reduction of cost and time taken to deploy, configure, maintain, support and manage Cloud environments. Kumolus SOE foundation creates a repeatable known, expected and supportable environment whilst fostering speed via increases automation and reduced change management.
Single Sign-on and Access Management
We understand that organisations are continuously changing and a one size fits all approach is not appropriate. Kumolus integrates seamlessly into Enterprise SSO systems extended this to allow multiple diverse access control for individuals in the Cloud and interreleted teams such as a single Developer associated with multiple Agile projects.
Asset Tracking Automation
Kumolus allows you to set custom tagging rules, including mandatory rules on every cloud object within the environment. Whether it is a operationally triggered snapshot or a security group added as part of a security change, Kumolus custom tagging ensures these movements can be tracked.
Audit Tracking – know your environment changes
According to Gartner, up to 80% of system outages are due to unplanned changes within the IT environment. Kumolus allows for the continuous monitoring, recordingand roll-back of environment changes to allow easy identification of incidents and more importantly faster resolution.
Automate your security policies
Kumolus provides a consistent and centralised way to provision, apply and automate security services to deliver policy based control and visibility across your cloud resources.
Limit technology sprawl
The ability to provision cloud services needs to be managed or you risk technology proliferation and spiralling costs. Kumolus allows you to set rules around what different groups and / or individuals in your organisation can do. For example, using the Kumolus Role Based Access Control functionality would allow you to limit a development team to only provision current Linux based instances with a certain size PostgreSQL databases and in a specific private network.