Compliance made easy

Puppet has introduced Puppet Comply, a new product built to work with Puppet Enterprise aimed at assessing, remediating, and enforcing infrastructure configuration compliance policies at scale across traditional and cloud environments. Now, with Puppet Comply and Puppet’s compliance service offerings, enterprises can drive continuous compliance across multiple frameworks including Center for Internet Secruity (CIS) benchmarks.

  • 3 years ago Posted in
The average cost for organizations that experience non-compliance is upwards of $14.82 million, a 45 percent increase from 2011, making it a larger and more noticeable pain point for CIOs and CTOs. With an increase in regulatory standards over the past several years, maintaining compliance to pass audits and to maintain costs has become more complex. 

 

Puppet’s product and service solution not only speeds up the ability to find compliance issues but also continually fixes these issues across an organization’s infrastructure to ensure enterprises do not cut corners when it comes to compliance, while maintaining fiscal responsibility. And organizations are using this technology today. For examples, a large bank’s Cloud Ops team was able to improve their compliance score from 50 percent to 92 percent through Puppet’s compliance use case.

“Compliance is often deemed as an inhibitor of delivering features faster. With Puppet Comply, CIOs can leave automation to address security and compliance concerns and focus on innovation, knowing that their operations are compliant without hindering agility” said Abby Kearns, CTO at Puppet. “With the pandemic shifting IT priorities, we are seeing compliance rising to the top of the C-level agenda. In response, we are bolstering our capacity across the UK, DACH and SEMEA in particular, to support our customers and address the growing demand for automation.”

By scanning infrastructure against industry benchmarks, Puppet Comply addresses a wide variety of compliance needs, including:

 

  • Desired and enforced state: Puppet’ Enterprise’s desired state expertise is leveraged through Puppet Comply, helping organizations apply and continually enforce compliant configurations across their infrastructure. Puppet Comply makes it significantly easier to ensure estate-wide compliance with CIS benchmarks, all with less overhead and manual work. 
  • Increased visibility: ITOps teams can now run their own compliance scans to determine which controls are passing or failing per node, providing teams with a holistic view of compliance status across their infrastructure. These scans make it quick and easy to identify the cause of compliance failures.
  • Efficient auditing: Puppet Comply generates easy-to-read reports, providing the necessary insight to managers and leaders as well as proof of compliance status to auditors.
  • Complete compliance through content: The services team at Puppet helps enterprises find compliance issues and builds content to fix these issues using the company’s best practices to save the team hours of time. Organizations who implement compliance protocols through Puppet Enterprise spend 76% less time fixing security and compliance issues and more time on innovating. 

 

“The work required to ensure infrastructure compliance in order to pass audits is painstaking and time-consuming, particularly in organizations with large and complex infrastructure,” said Alex Hin principal product manager at Puppet. “Additionally, most security and ITOps teams work in silos, with disparate tools and priorities. Puppet Comply ensures ITOps teams have the tools and resources they need to proactively manage compliance without disrupting, or duplicating, the security team’s workflow.”
Research shows ‘game needs to be changed,’ with security innovation years behind that of the...
Node4 has released its Mid-Market IT Priorities Report 2021. The independent report reveals that...
Atos has launched Atos OneCloud Sovereign Shield, a set of solutions, methodologies, and...
New distribution agreement set to bolster Westcon-Comstor’s Zero Trust offering in more markets...
Research from Avast has found that employees in almost a third (31%) of Small and Medium...
This year, over half of MSPs or their end customers have been attacked by ransomware but only 53%...
Trend Micro has published new research revealing that 90% of IT decision makers claim their...
Cyber consultants call on businesses to act now, or risk budgets shrinking further in ‘real...