SlideShare a Scribd company logo

Security Spotlight: Rent-A-Center

Alert Logic
Alert Logic

Security Spotlight: Rent-A-Center (Mike Santimaw)

Technology
1 of 13
Download to read offline
Thank you.
Thank you.HOW RENT-A-CENTER STAYS SECURE AND COMPLIANT ON AWS WITH ALERT LOGIC MIKE SANTIMAW – VP OF INFORMATION SECURITY, RENT-A-CENTER
About Rent-A-Center Company Profile ▪ One of the largest rent-to-own retailors with 3000+ stores and 1200 partner locations ▪ 21,000 employees ▪ Founded in 1986 Consumer Experiences ▪ Brick and mortar ▪ E-commerce ▪ Financial partnership
Complex Environment Footprint ▪ Traditional data centers ▪ Multiple cloud providers ▪ SaaS and internal web services ▪ Mobile and e-commerce environments Compliance ▪ PCI DSS, SOX, etc. Development ▪ Traditional development ▪ DevOps ▪ Internal & external global resources
Challenge ▪ Continuing to expand points of commerce and drive transformational innovation to create the next evolution of the leased ownership sector ▪ Securing our core while also addressing the cyber risks within rapid business development methodologies ▪ Report on Compliance Initiatives ▪ Minimal InfoSec staff within a team that primarily grew organically ▪ Unable to staff our InfoSec team 24x7x365 ▪ Being a silent partner to the organization
Build SOC Capabilities Internally ▪ Toolset investments and ongoing maintenance ▪ Threat intelligence feeds ▪ Develop the staff with appropriate skills ▪ Year on year training ▪ Staff salaries ▪ Private facilities ▪ Staff 24x7x365
The Solution ▪ Work with an industry leader and who is focused on innovation, on the same journey as our primary cloud service provider, AWS. ▪ Our solution uses AWS and Alert Logic products and services. ▪ Rent-A-Center began the journey with Alert Logic with our on-prem data center locations. ▪ Incorporating Alert Logic via AWS Marketplace with a single pane of glass for security. ▪ Alert Logic solutions included Alert Logic® Cloud Defender™ and Alert Logic® Active Watch™
Alert Logic has analyzed 374 TB of our network traffic! Detected 566,668 events and identified 220 actions
Secret Sauce? People ▪ The Alert Logic Security Experts instantly matured the RAC InfoSec team. ▪ The collaboration that exists today is truly an extension of our team. ▪ Alert Logic helped drive the security journey for our CI/CD process within the RAC DevOps team. ▪ Knowing that Alert Logic‘s people, processes, and technology are protecting RAC 24/7, we are able to focus on other critical initiatives.
Stronger Cloud Security Posture Customer Data Platform, Applications, Identity & Access Management Operating Systems, Network & Firewall Configuration Client-side Data Encryption & Data Integrity Authentication Server-side Encryption (File System and/or Data) Network Traffic Protection (Encryption/Integrity/Identity) AWS Global Infrastructure Compute Storage Database Networking Regions Availability Zones Edge Locations Rent-A-Center & Alert Logic Shared Responsibility for security “in” the cloud AWS Shared Responsibility for security “of” the cloud
Where is Rent-A-Center going next? ▪ Maintain our compliance posture. ▪ Expand points of commerce and drive transformational innovation for Rent-A-Center in accordance with our strategic plans. ▪ Continue building out our automated, event-driven security program. ▪ Continue maturing our DevOps and DevSecOps culture ▪ Keep the collaboration going with getting Alert Logic engaged in innovation sessions regarding new development/delivery
Recommendations ▪ Organizations should look for a seamless security solutions provider that focuses on the cloud as well as the journey to get there. ▪ Ensure the partner you choose has expertise on, in, and around the cloud with an appetite to expand. ▪ Security and well as compliance maturity ▪ Actionable security best practices are the keys to success.
Thank you.

Recommended

Backup lexington ky
Backup lexington kyBackup lexington ky
Backup lexington kyDataRestoration
 
"The RMS Cloud" - Presented at the RAA's Cat Modeling Conference 2014
"The RMS Cloud" - Presented at the RAA's Cat Modeling Conference 2014 "The RMS Cloud" - Presented at the RAA's Cat Modeling Conference 2014
"The RMS Cloud" - Presented at the RAA's Cat Modeling Conference 2014 RMS
 
Gss Company Profile
Gss Company ProfileGss Company Profile
Gss Company ProfilePaul O'Sullivan
 
Bloombase integration with eskm final w alliance cert logo 6_11_15
Bloombase integration with eskm final w alliance cert logo 6_11_15Bloombase integration with eskm final w alliance cert logo 6_11_15
Bloombase integration with eskm final w alliance cert logo 6_11_15Bloombase
 
Bloombase integration with eskm final w alliance cert logo 4_9_15
Bloombase integration with eskm final w alliance cert logo 4_9_15Bloombase integration with eskm final w alliance cert logo 4_9_15
Bloombase integration with eskm final w alliance cert logo 4_9_15Bloombase
 
Forensic Auditing
Forensic AuditingForensic Auditing
Forensic AuditingMitesh Katira
 
Future Commerce 2019
Future Commerce 2019 Future Commerce 2019
Future Commerce 2019 PT Datacomm Diangraha
 
SWATX Company Profile 190919
SWATX Company Profile 190919SWATX Company Profile 190919
SWATX Company Profile 190919Seif Badawi
 

Recommended

Backup lexington ky
Backup lexington kyBackup lexington ky
Backup lexington kyDataRestoration
 
"The RMS Cloud" - Presented at the RAA's Cat Modeling Conference 2014
"The RMS Cloud" - Presented at the RAA's Cat Modeling Conference 2014 "The RMS Cloud" - Presented at the RAA's Cat Modeling Conference 2014
"The RMS Cloud" - Presented at the RAA's Cat Modeling Conference 2014 RMS
 
Gss Company Profile
Gss Company ProfileGss Company Profile
Gss Company ProfilePaul O'Sullivan
 
Bloombase integration with eskm final w alliance cert logo 6_11_15
Bloombase integration with eskm final w alliance cert logo 6_11_15Bloombase integration with eskm final w alliance cert logo 6_11_15
Bloombase integration with eskm final w alliance cert logo 6_11_15Bloombase
 
Bloombase integration with eskm final w alliance cert logo 4_9_15
Bloombase integration with eskm final w alliance cert logo 4_9_15Bloombase integration with eskm final w alliance cert logo 4_9_15
Bloombase integration with eskm final w alliance cert logo 4_9_15Bloombase
 
Forensic Auditing
Forensic AuditingForensic Auditing
Forensic AuditingMitesh Katira
 
Future Commerce 2019
Future Commerce 2019 Future Commerce 2019
Future Commerce 2019 PT Datacomm Diangraha
 
SWATX Company Profile 190919
SWATX Company Profile 190919SWATX Company Profile 190919
SWATX Company Profile 190919Seif Badawi
 
The Long Awaited Cloud Solution - Company Overview
The Long Awaited Cloud Solution - Company OverviewThe Long Awaited Cloud Solution - Company Overview
The Long Awaited Cloud Solution - Company OverviewPT Datacomm Diangraha
 
Nox strategic partnership presentation
Nox strategic partnership presentationNox strategic partnership presentation
Nox strategic partnership presentationRand Bleimeister
 
Uptime Group
Uptime GroupUptime Group
Uptime GroupMatsBluekens1
 
Jelecos Services Overview
Jelecos Services OverviewJelecos Services Overview
Jelecos Services OverviewJessica Sheldon
 
Leveraging The Power Of The Cloud For Your Business
Leveraging The Power Of The Cloud For Your BusinessLeveraging The Power Of The Cloud For Your Business
Leveraging The Power Of The Cloud For Your BusinessJoel Katz
 
Wowrack Cloud Services
Wowrack Cloud ServicesWowrack Cloud Services
Wowrack Cloud ServicesDoug Cardinale
 
How Rent-A-Center Stays Secure and Compliant on AWS with Alert Logic
How Rent-A-Center Stays Secure and Compliant on AWS with Alert Logic How Rent-A-Center Stays Secure and Compliant on AWS with Alert Logic
How Rent-A-Center Stays Secure and Compliant on AWS with Alert LogicAmazon Web Services
 
Ten Type of Innovation - Universitas Indonesia
Ten Type of Innovation - Universitas Indonesia Ten Type of Innovation - Universitas Indonesia
Ten Type of Innovation - Universitas Indonesia PT Datacomm Diangraha
 
Codero: The Future of IT is Here
Codero: The Future of IT is HereCodero: The Future of IT is Here
Codero: The Future of IT is HereCodero
 
Azure Migration .pptx
Azure Migration .pptxAzure Migration .pptx
Azure Migration .pptxsonalibiswas22
 
Cloud Technology: What is it? What can it do for your Association
Cloud Technology: What is it? What can it do for your AssociationCloud Technology: What is it? What can it do for your Association
Cloud Technology: What is it? What can it do for your AssociationAssociations Network
 
Revolutionizing ERP with in-Memory Computing using secure and Local SAP on Cloud
Revolutionizing ERP with in-Memory Computing using secure and Local SAP on CloudRevolutionizing ERP with in-Memory Computing using secure and Local SAP on Cloud
Revolutionizing ERP with in-Memory Computing using secure and Local SAP on CloudPT Datacomm Diangraha
 
The power of orchestration - Inside Cisco IT - DC Cloud from IaaS to Fast IT
The power of orchestration - Inside Cisco IT - DC Cloud from IaaS to Fast ITThe power of orchestration - Inside Cisco IT - DC Cloud from IaaS to Fast IT
The power of orchestration - Inside Cisco IT - DC Cloud from IaaS to Fast ITCisco Canada
 
Pyramid Technologies Capability Statement & Technical
Pyramid Technologies Capability Statement & TechnicalPyramid Technologies Capability Statement & Technical
Pyramid Technologies Capability Statement & TechnicalHerbert Jones, PMP
 
Managed services web
Managed services webManaged services web
Managed services webDean North
 
Managed servoes 2mb
Managed servoes 2mbManaged servoes 2mb
Managed servoes 2mbLisa Thornton
 
Managed services web
Managed services webManaged services web
Managed services webMark Howie
 
AWS Summit Singapore 2019 | Banking in the Cloud: 10 Lessons Learned
AWS Summit Singapore 2019 | Banking in the Cloud: 10 Lessons LearnedAWS Summit Singapore 2019 | Banking in the Cloud: 10 Lessons Learned
AWS Summit Singapore 2019 | Banking in the Cloud: 10 Lessons LearnedAWS Summits
 
Euromoney's integration journey: Selecting SnapLogic's self-service integrati...
Euromoney's integration journey: Selecting SnapLogic's self-service integrati...Euromoney's integration journey: Selecting SnapLogic's self-service integrati...
Euromoney's integration journey: Selecting SnapLogic's self-service integrati...SnapLogic
 
Getting ready for Infrastructure Transformation with hyper-converged
Getting ready for Infrastructure Transformation with hyper-convergedGetting ready for Infrastructure Transformation with hyper-converged
Getting ready for Infrastructure Transformation with hyper-convergedSynapse360
 
Managed Threat Detection & Response for AWS Applications
Managed Threat Detection & Response for AWS ApplicationsManaged Threat Detection & Response for AWS Applications
Managed Threat Detection & Response for AWS ApplicationsAlert Logic
 
Extending Amazon GuardDuty with Cloud Insight Essentials
Extending Amazon GuardDuty with Cloud Insight Essentials Extending Amazon GuardDuty with Cloud Insight Essentials
Extending Amazon GuardDuty with Cloud Insight Essentials Alert Logic
 

More Related Content

Similar to Security Spotlight: Rent-A-Center

The Long Awaited Cloud Solution - Company Overview
The Long Awaited Cloud Solution - Company OverviewThe Long Awaited Cloud Solution - Company Overview
The Long Awaited Cloud Solution - Company OverviewPT Datacomm Diangraha
 
Nox strategic partnership presentation
Nox strategic partnership presentationNox strategic partnership presentation
Nox strategic partnership presentationRand Bleimeister
 
Jelecos Services Overview
Jelecos Services OverviewJelecos Services Overview
Jelecos Services OverviewJessica Sheldon
 
Leveraging The Power Of The Cloud For Your Business
Leveraging The Power Of The Cloud For Your BusinessLeveraging The Power Of The Cloud For Your Business
Leveraging The Power Of The Cloud For Your BusinessJoel Katz
 
Wowrack Cloud Services
Wowrack Cloud ServicesWowrack Cloud Services
Wowrack Cloud ServicesDoug Cardinale
 
How Rent-A-Center Stays Secure and Compliant on AWS with Alert Logic
How Rent-A-Center Stays Secure and Compliant on AWS with Alert Logic How Rent-A-Center Stays Secure and Compliant on AWS with Alert Logic
How Rent-A-Center Stays Secure and Compliant on AWS with Alert LogicAmazon Web Services
 
Ten Type of Innovation - Universitas Indonesia
Ten Type of Innovation - Universitas Indonesia Ten Type of Innovation - Universitas Indonesia
Ten Type of Innovation - Universitas Indonesia PT Datacomm Diangraha
 
Codero: The Future of IT is Here
Codero: The Future of IT is HereCodero: The Future of IT is Here
Codero: The Future of IT is HereCodero
 
Cloud Technology: What is it? What can it do for your Association
Cloud Technology: What is it? What can it do for your AssociationCloud Technology: What is it? What can it do for your Association
Cloud Technology: What is it? What can it do for your AssociationAssociations Network
 
Revolutionizing ERP with in-Memory Computing using secure and Local SAP on Cloud
Revolutionizing ERP with in-Memory Computing using secure and Local SAP on CloudRevolutionizing ERP with in-Memory Computing using secure and Local SAP on Cloud
Revolutionizing ERP with in-Memory Computing using secure and Local SAP on CloudPT Datacomm Diangraha
 
The power of orchestration - Inside Cisco IT - DC Cloud from IaaS to Fast IT
The power of orchestration - Inside Cisco IT - DC Cloud from IaaS to Fast ITThe power of orchestration - Inside Cisco IT - DC Cloud from IaaS to Fast IT
The power of orchestration - Inside Cisco IT - DC Cloud from IaaS to Fast ITCisco Canada
 
Pyramid Technologies Capability Statement & Technical
Pyramid Technologies Capability Statement & TechnicalPyramid Technologies Capability Statement & Technical
Pyramid Technologies Capability Statement & TechnicalHerbert Jones, PMP
 
Managed services web
Managed services webManaged services web
Managed services webDean North
 
Managed services web
Managed services webManaged services web
Managed services webMark Howie
 
AWS Summit Singapore 2019 | Banking in the Cloud: 10 Lessons Learned
AWS Summit Singapore 2019 | Banking in the Cloud: 10 Lessons LearnedAWS Summit Singapore 2019 | Banking in the Cloud: 10 Lessons Learned
AWS Summit Singapore 2019 | Banking in the Cloud: 10 Lessons LearnedAWS Summits
 
Euromoney's integration journey: Selecting SnapLogic's self-service integrati...
Euromoney's integration journey: Selecting SnapLogic's self-service integrati...Euromoney's integration journey: Selecting SnapLogic's self-service integrati...
Euromoney's integration journey: Selecting SnapLogic's self-service integrati...SnapLogic
 
Getting ready for Infrastructure Transformation with hyper-converged
Getting ready for Infrastructure Transformation with hyper-convergedGetting ready for Infrastructure Transformation with hyper-converged
Getting ready for Infrastructure Transformation with hyper-convergedSynapse360
 

Similar to Security Spotlight: Rent-A-Center (20)

The Long Awaited Cloud Solution - Company Overview
The Long Awaited Cloud Solution - Company OverviewThe Long Awaited Cloud Solution - Company Overview
The Long Awaited Cloud Solution - Company Overview
 
Nox strategic partnership presentation
Nox strategic partnership presentationNox strategic partnership presentation
Nox strategic partnership presentation
 
Uptime Group
Uptime GroupUptime Group
Uptime Group
 
Jelecos Services Overview
Jelecos Services OverviewJelecos Services Overview
Jelecos Services Overview
 
Leveraging The Power Of The Cloud For Your Business
Leveraging The Power Of The Cloud For Your BusinessLeveraging The Power Of The Cloud For Your Business
Leveraging The Power Of The Cloud For Your Business
 
Wowrack Cloud Services
Wowrack Cloud ServicesWowrack Cloud Services
Wowrack Cloud Services
 
How Rent-A-Center Stays Secure and Compliant on AWS with Alert Logic
How Rent-A-Center Stays Secure and Compliant on AWS with Alert Logic How Rent-A-Center Stays Secure and Compliant on AWS with Alert Logic
How Rent-A-Center Stays Secure and Compliant on AWS with Alert Logic
 
Ten Type of Innovation - Universitas Indonesia
Ten Type of Innovation - Universitas Indonesia Ten Type of Innovation - Universitas Indonesia
Ten Type of Innovation - Universitas Indonesia
 
Codero: The Future of IT is Here
Codero: The Future of IT is HereCodero: The Future of IT is Here
Codero: The Future of IT is Here
 
Azure Migration .pptx
Azure Migration .pptxAzure Migration .pptx
Azure Migration .pptx
 
Cloud Technology: What is it? What can it do for your Association
Cloud Technology: What is it? What can it do for your AssociationCloud Technology: What is it? What can it do for your Association
Cloud Technology: What is it? What can it do for your Association
 
Revolutionizing ERP with in-Memory Computing using secure and Local SAP on Cloud
Revolutionizing ERP with in-Memory Computing using secure and Local SAP on CloudRevolutionizing ERP with in-Memory Computing using secure and Local SAP on Cloud
Revolutionizing ERP with in-Memory Computing using secure and Local SAP on Cloud
 
The power of orchestration - Inside Cisco IT - DC Cloud from IaaS to Fast IT
The power of orchestration - Inside Cisco IT - DC Cloud from IaaS to Fast ITThe power of orchestration - Inside Cisco IT - DC Cloud from IaaS to Fast IT
The power of orchestration - Inside Cisco IT - DC Cloud from IaaS to Fast IT
 
Pyramid Technologies Capability Statement & Technical
Pyramid Technologies Capability Statement & TechnicalPyramid Technologies Capability Statement & Technical
Pyramid Technologies Capability Statement & Technical
 
Managed services web
Managed services webManaged services web
Managed services web
 
Managed servoes 2mb
Managed servoes 2mbManaged servoes 2mb
Managed servoes 2mb
 
Managed services web
Managed services webManaged services web
Managed services web
 
AWS Summit Singapore 2019 | Banking in the Cloud: 10 Lessons Learned
AWS Summit Singapore 2019 | Banking in the Cloud: 10 Lessons LearnedAWS Summit Singapore 2019 | Banking in the Cloud: 10 Lessons Learned
AWS Summit Singapore 2019 | Banking in the Cloud: 10 Lessons Learned
 
Euromoney's integration journey: Selecting SnapLogic's self-service integrati...
Euromoney's integration journey: Selecting SnapLogic's self-service integrati...Euromoney's integration journey: Selecting SnapLogic's self-service integrati...
Euromoney's integration journey: Selecting SnapLogic's self-service integrati...
 
Getting ready for Infrastructure Transformation with hyper-converged
Getting ready for Infrastructure Transformation with hyper-convergedGetting ready for Infrastructure Transformation with hyper-converged
Getting ready for Infrastructure Transformation with hyper-converged
 

More from Alert Logic

Managed Threat Detection & Response for AWS Applications
Managed Threat Detection & Response for AWS ApplicationsManaged Threat Detection & Response for AWS Applications
Managed Threat Detection & Response for AWS ApplicationsAlert Logic
 
Extending Amazon GuardDuty with Cloud Insight Essentials
Extending Amazon GuardDuty with Cloud Insight Essentials Extending Amazon GuardDuty with Cloud Insight Essentials
Extending Amazon GuardDuty with Cloud Insight Essentials Alert Logic
 
Managed Threat Detection and Response
Managed Threat Detection and ResponseManaged Threat Detection and Response
Managed Threat Detection and ResponseAlert Logic
 
Extending Amazon GuardDuty with Cloud Insight Essentials
Extending Amazon GuardDuty with Cloud Insight Essentials Extending Amazon GuardDuty with Cloud Insight Essentials
Extending Amazon GuardDuty with Cloud Insight Essentials Alert Logic
 
Security Implications of the Cloud
Security Implications of the CloudSecurity Implications of the Cloud
Security Implications of the CloudAlert Logic
 
Reducing Your Attack Surface
Reducing Your Attack SurfaceReducing Your Attack Surface
Reducing Your Attack SurfaceAlert Logic
 
Reality Check: Security in the Cloud
Reality Check: Security in the CloudReality Check: Security in the Cloud
Reality Check: Security in the CloudAlert Logic
 
The Intersection of Security & DevOps
The Intersection of Security & DevOpsThe Intersection of Security & DevOps
The Intersection of Security & DevOpsAlert Logic
 
The AWS Shared Responsibility Model in Practice
The AWS Shared Responsibility Model in PracticeThe AWS Shared Responsibility Model in Practice
The AWS Shared Responsibility Model in PracticeAlert Logic
 
Security Spotlight: Presidio
Security Spotlight: PresidioSecurity Spotlight: Presidio
Security Spotlight: PresidioAlert Logic
 
The Intersection of Security & DevOps
The Intersection of Security & DevOpsThe Intersection of Security & DevOps
The Intersection of Security & DevOpsAlert Logic
 
The AWS Shared Responsibility Model in Practice
The AWS Shared Responsibility Model in PracticeThe AWS Shared Responsibility Model in Practice
The AWS Shared Responsibility Model in PracticeAlert Logic
 
Reducing Your Attack Surface & Your Role in Cloud Workload Protection
Reducing Your Attack Surface & Your Role in Cloud Workload ProtectionReducing Your Attack Surface & Your Role in Cloud Workload Protection
Reducing Your Attack Surface & Your Role in Cloud Workload ProtectionAlert Logic
 
Realities of Security in the Cloud
Realities of Security in the CloudRealities of Security in the Cloud
Realities of Security in the CloudAlert Logic
 
The Intersection of Security & DevOps
The Intersection of Security & DevOpsThe Intersection of Security & DevOps
The Intersection of Security & DevOpsAlert Logic
 
Security Spotlight: Presidio
Security Spotlight: PresidioSecurity Spotlight: Presidio
Security Spotlight: PresidioAlert Logic
 
Security Implications of the Cloud
Security Implications of the CloudSecurity Implications of the Cloud
Security Implications of the CloudAlert Logic
 
Reducing Your Attack Surface & Your Role in Cloud Workload Protection
Reducing Your Attack Surface & Your Role in Cloud Workload ProtectionReducing Your Attack Surface & Your Role in Cloud Workload Protection
Reducing Your Attack Surface & Your Role in Cloud Workload ProtectionAlert Logic
 
Realities of Security in the Cloud
Realities of Security in the CloudRealities of Security in the Cloud
Realities of Security in the CloudAlert Logic
 

More from Alert Logic (20)

Managed Threat Detection & Response for AWS Applications
Managed Threat Detection & Response for AWS ApplicationsManaged Threat Detection & Response for AWS Applications
Managed Threat Detection & Response for AWS Applications
 
Extending Amazon GuardDuty with Cloud Insight Essentials
Extending Amazon GuardDuty with Cloud Insight Essentials Extending Amazon GuardDuty with Cloud Insight Essentials
Extending Amazon GuardDuty with Cloud Insight Essentials
 
Managed Threat Detection and Response
Managed Threat Detection and ResponseManaged Threat Detection and Response
Managed Threat Detection and Response
 
Extending Amazon GuardDuty with Cloud Insight Essentials
Extending Amazon GuardDuty with Cloud Insight Essentials Extending Amazon GuardDuty with Cloud Insight Essentials
Extending Amazon GuardDuty with Cloud Insight Essentials
 
Security Implications of the Cloud
Security Implications of the CloudSecurity Implications of the Cloud
Security Implications of the Cloud
 
Reducing Your Attack Surface
Reducing Your Attack SurfaceReducing Your Attack Surface
Reducing Your Attack Surface
 
Reality Check: Security in the Cloud
Reality Check: Security in the CloudReality Check: Security in the Cloud
Reality Check: Security in the Cloud
 
The Intersection of Security & DevOps
The Intersection of Security & DevOpsThe Intersection of Security & DevOps
The Intersection of Security & DevOps
 
The AWS Shared Responsibility Model in Practice
The AWS Shared Responsibility Model in PracticeThe AWS Shared Responsibility Model in Practice
The AWS Shared Responsibility Model in Practice
 
Security Spotlight: Presidio
Security Spotlight: PresidioSecurity Spotlight: Presidio
Security Spotlight: Presidio
 
The Intersection of Security & DevOps
The Intersection of Security & DevOpsThe Intersection of Security & DevOps
The Intersection of Security & DevOps
 
The AWS Shared Responsibility Model in Practice
The AWS Shared Responsibility Model in PracticeThe AWS Shared Responsibility Model in Practice
The AWS Shared Responsibility Model in Practice
 
Reducing Your Attack Surface & Your Role in Cloud Workload Protection
Reducing Your Attack Surface & Your Role in Cloud Workload ProtectionReducing Your Attack Surface & Your Role in Cloud Workload Protection
Reducing Your Attack Surface & Your Role in Cloud Workload Protection
 
Realities of Security in the Cloud
Realities of Security in the CloudRealities of Security in the Cloud
Realities of Security in the Cloud
 
The Intersection of Security & DevOps
The Intersection of Security & DevOpsThe Intersection of Security & DevOps
The Intersection of Security & DevOps
 
Security Spotlight: Presidio
Security Spotlight: PresidioSecurity Spotlight: Presidio
Security Spotlight: Presidio
 
Security Implications of the Cloud
Security Implications of the CloudSecurity Implications of the Cloud
Security Implications of the Cloud
 
Reducing Your Attack Surface & Your Role in Cloud Workload Protection
Reducing Your Attack Surface & Your Role in Cloud Workload ProtectionReducing Your Attack Surface & Your Role in Cloud Workload Protection
Reducing Your Attack Surface & Your Role in Cloud Workload Protection
 
Realities of Security in the Cloud
Realities of Security in the CloudRealities of Security in the Cloud
Realities of Security in the Cloud
 
CSS 2018 Trivia
CSS 2018 TriviaCSS 2018 Trivia
CSS 2018 Trivia
 

Recently uploaded

SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024Scott Keck-Warren
 
Story boards and shot lists for my a level piece
Story boards and shot lists for my a level pieceStory boards and shot lists for my a level piece
Story boards and shot lists for my a level piececharlottematthew16
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Enterprise Knowledge
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebUiPathCommunity
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsMark Billinghurst
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfAlex Barbosa Coqueiro
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitecturePixlogix Infotech
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):comworks
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupFlorian Wilhelm
 
costume and set research powerpoint presentation
costume and set research powerpoint presentationcostume and set research powerpoint presentation
costume and set research powerpoint presentationphoebematthew05
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLScyllaDB
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubKalema Edgar
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii SoldatenkoFwdays
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...Fwdays
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 3652toLead Limited
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek SchlawackFwdays
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsSergiu Bodiu
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions
 

Recently uploaded (20)

SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024
 
Story boards and shot lists for my a level piece
Story boards and shot lists for my a level pieceStory boards and shot lists for my a level piece
Story boards and shot lists for my a level piece
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio Web
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdf
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC Architecture
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project Setup
 
costume and set research powerpoint presentation
costume and set research powerpoint presentationcostume and set research powerpoint presentation
costume and set research powerpoint presentation
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQL
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding Club
 
Hot Sexy call girls in Panjabi Bagh 🔝 9953056974 🔝 Delhi escort Service
Hot Sexy call girls in Panjabi Bagh 🔝 9953056974 🔝 Delhi escort ServiceHot Sexy call girls in Panjabi Bagh 🔝 9953056974 🔝 Delhi escort Service
Hot Sexy call girls in Panjabi Bagh 🔝 9953056974 🔝 Delhi escort Service
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platforms
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food Manufacturing
 

Security Spotlight: Rent-A-Center

  • 2. Thank you.HOW RENT-A-CENTER STAYS SECURE AND COMPLIANT ON AWS WITH ALERT LOGIC MIKE SANTIMAW – VP OF INFORMATION SECURITY, RENT-A-CENTER
  • 3. About Rent-A-Center Company Profile ▪ One of the largest rent-to-own retailors with 3000+ stores and 1200 partner locations ▪ 21,000 employees ▪ Founded in 1986 Consumer Experiences ▪ Brick and mortar ▪ E-commerce ▪ Financial partnership
  • 4. Complex Environment Footprint ▪ Traditional data centers ▪ Multiple cloud providers ▪ SaaS and internal web services ▪ Mobile and e-commerce environments Compliance ▪ PCI DSS, SOX, etc. Development ▪ Traditional development ▪ DevOps ▪ Internal & external global resources
  • 5. Challenge ▪ Continuing to expand points of commerce and drive transformational innovation to create the next evolution of the leased ownership sector ▪ Securing our core while also addressing the cyber risks within rapid business development methodologies ▪ Report on Compliance Initiatives ▪ Minimal InfoSec staff within a team that primarily grew organically ▪ Unable to staff our InfoSec team 24x7x365 ▪ Being a silent partner to the organization
  • 6. Build SOC Capabilities Internally ▪ Toolset investments and ongoing maintenance ▪ Threat intelligence feeds ▪ Develop the staff with appropriate skills ▪ Year on year training ▪ Staff salaries ▪ Private facilities ▪ Staff 24x7x365
  • 7. The Solution ▪ Work with an industry leader and who is focused on innovation, on the same journey as our primary cloud service provider, AWS. ▪ Our solution uses AWS and Alert Logic products and services. ▪ Rent-A-Center began the journey with Alert Logic with our on-prem data center locations. ▪ Incorporating Alert Logic via AWS Marketplace with a single pane of glass for security. ▪ Alert Logic solutions included Alert Logic® Cloud Defender™ and Alert Logic® Active Watch™
  • 8. Alert Logic has analyzed 374 TB of our network traffic! Detected 566,668 events and identified 220 actions
  • 9. Secret Sauce? People ▪ The Alert Logic Security Experts instantly matured the RAC InfoSec team. ▪ The collaboration that exists today is truly an extension of our team. ▪ Alert Logic helped drive the security journey for our CI/CD process within the RAC DevOps team. ▪ Knowing that Alert Logic‘s people, processes, and technology are protecting RAC 24/7, we are able to focus on other critical initiatives.
  • 10. Stronger Cloud Security Posture Customer Data Platform, Applications, Identity & Access Management Operating Systems, Network & Firewall Configuration Client-side Data Encryption & Data Integrity Authentication Server-side Encryption (File System and/or Data) Network Traffic Protection (Encryption/Integrity/Identity) AWS Global Infrastructure Compute Storage Database Networking Regions Availability Zones Edge Locations Rent-A-Center & Alert Logic Shared Responsibility for security “in” the cloud AWS Shared Responsibility for security “of” the cloud
  • 11. Where is Rent-A-Center going next? ▪ Maintain our compliance posture. ▪ Expand points of commerce and drive transformational innovation for Rent-A-Center in accordance with our strategic plans. ▪ Continue building out our automated, event-driven security program. ▪ Continue maturing our DevOps and DevSecOps culture ▪ Keep the collaboration going with getting Alert Logic engaged in innovation sessions regarding new development/delivery
  • 12. Recommendations ▪ Organizations should look for a seamless security solutions provider that focuses on the cloud as well as the journey to get there. ▪ Ensure the partner you choose has expertise on, in, and around the cloud with an appetite to expand. ▪ Security and well as compliance maturity ▪ Actionable security best practices are the keys to success.