The cloud security tool Wiz is being rolled out to help our Cardinal Cloud account holders recognize, understand, and address cybersecurity risks.
Stanford University IT (UIT) team members have taken first steps to configure Wiz on our three Cardinal Cloud service providers—Amazon Web Services (AWS), Google Cloud Platform (GCP), and Microsoft Azure.
Currently, Wiz is available in a limited rollout to early adopters. Initial findings are being assessed, allowing service support teams to develop processes in anticipation of expanding the rollout.
How does Wiz work?
Wiz securely connects to cloud accounts and uses read-only scanning to analyze resources. It creates momentary snapshots for virtual machines and databases to safely perform offline analysis without consuming potentially disruptive computing resources. While there’s no charge to use Wiz, individual cloud accounts will incur a very minimal cost to temporarily store the snapshots.
Through an easy-to-understand visual display, Wiz provides guidance on how to take action and explains the urgency of any potential risks, making security management clearer for account holders.
Risks that Wiz can identify include:
- Vulnerabilities, such as open and/or writable storage buckets
- Malware
- Configuration errors
- Exposed cleartext keys and passwords
- Compliance issues, such as lack of encryption
For more details on how Wiz works and the cost structure, check out the Wiz FAQs.
What is the rollout progress so far, and what’s next?
During this soft launch, initial findings show there is work to do to reduce existing security risks across Cardinal Cloud accounts. Members of the Service Desk and Stanford’s Information Security Office (ISO) are piloting processes and resources for handling common issues.
Several important areas need more progress before the Wiz service team can onboard all potential users at Stanford. These relate to:
- Automated provisioning
- Account tagging, which will help associate accounts with correct campus workgroups, among other things
- Processes and procedures (for example, “What should I do if the service flagged with a vulnerability belongs to another group?”)
The Wiz rollout may expand in May 2023, depending on how these areas move forward.
Do you need to join Cardinal Cloud?
This Wiz configuration is only available for the Cardinal Cloud community. So, if you haven’t already switched your standalone AWS, GCP, or Azure account to join Cardinal Cloud, what are you waiting for?
Get discounts, convenience, and security tools (like Wiz, Qualys, and CrowdStrike) by joining your account to Cardinal Cloud.
Learn more
- Join the community on Slack to ask questions and learn more:
  - #cop-wiz
  - #cop-cloud
- Wiz
- Wiz FAQs
- Cardinal Cloud Prepares to Add Wiz as a New Security Feature - UIT News