Guests: Arnaud Fosse (LinkedIn) | Damien Peschet (LinkedIn)
Company: UBiqube (Twitter)

In such a fast-paced environment, it can be difficult for companies to keep up with security controls and compliance. Furthermore, layoffs and cost-cutting are making it even more challenging for companies to maintain effective compliance strategies.

In this episode of TFiR: T3M, Swapnil Bhartiya sits down with two UBiqube executives: Head of Product Management Arnaud Fosse and Compliance Senior Expert Damien Peschet, to discuss the challenges companies are facing with compliance and how UBiqube is helping solve these problems.

Key highlights from this video interview are:

Introduction to UBiqube:

• UBiqube is aiming to simplify the journey to the cloud and make it safer and more compliant.
• Companies are grappling with different technologies and UBiqube helps by abstracting all those difficult concepts and compiling them into a unique single platform, where they can collect all of this information.

What type of compliance does UBiqube deal with?

• UBiqube deals with security and privacy based on SOC 2, HIPAA, and HDS compliance. They help maintain the level of conformity when a developer is developing new software features from a new environment to make it conform to security standards and controls.

Current challenges:

• Compliance is particularly challenging when moving to cloud for two reasons: the shift in responsibility and trying to define all the security scenarios, and the ability to perform full compliance checks on a remote platform.
• The first set of controls that are decided by the companies (if they are following a security standard) will go to define a set of controls yet it is challenging to make the whole team aware of the controls.

What role does company culture play in compliance?

• Organizations must ensure that all the teams are aware of the standards of the company, although not necessarily all the security controls that need to be implemented. Then companies should delegate the availability or the possibility for developers to deploy this environment.
• Automation can play a key role, which can save time and ensure all the security tests are met.
• Compliance is everyone’s responsibility, rather than just one person’s.

How does automation help?

• Validation steps need to be put in place when you deploy to make sure you are in line with security. Automation can help save developers time and ensure everything is good to go.
• UBiqube’s platform is useful for people doing compliance every day.
• UBiqube’s platform nonetheless enables security experts the ability to apply manual recommendations to give them that extra layer of control.

The impact of cost-cutting and lay-offs:

• Compliance needs to remain prioritized regardless of cost-cutting and lay-offs. UBiqube’s Cloudclapp solution has been built to enable companies to set all the security controls and the information needed for compliance in a fully automatic process.

The challenges of compliance continuity:

• Once the environment is created and the systems are configured, there should be a compliance scan in every location in databases, where the results are collected in one dashboard. Organizations need to remain up to date with compliance regardless of the changes around it.
• UBiqube enables users to update the standards themselves for instances so that the software will automatically integrate the new standards and raise the new requirements.
• UBiqube helps security experts to analyze what is needed and manually set up the security controls if it does not have the necessary information.

This summary was written by Emily Nicholls.