In an era where data security and availability are paramount, companies like Turbonomic have stepped up their game to ensure that their SaaS applications meet stringent security and compliance requirements. Trust and reliability are the cornerstones of their service offerings, and the need for cyber-resilient disaster recovery solutions has never been greater. This case study explores how Turbonomic partnered with Elastio to fortify their SaaS applications, automate SOC2 security and availability controls, and establish a robust disaster recovery strategy.

Challenges Faced by Turbonomic

1. Automating SOC2 Compliance: Turbonomic needed to automate SOC2 security and availability control enforcement and reporting to ensure their SaaS applications' security and availability.
2. Cyber Resilient Disaster Recovery: Protecting SaaS application compute and storage resources from threats, including threat detection and prevention, was a top priority.
3. Continual Monitoring: As Turbonomic adopted an AWS infrastructure, they required continuous monitoring of their recovery risk posture.
4. Vulnerability Prevention: Ensuring that vulnerabilities were not reintroduced into the production environment after a recovery operation was essential.

The Elastio Solution

Elastio stepped in to address these challenges with a comprehensive solution:

1. Real-time Recovery Risk Assessment: Elastio generates real-time recovery risk assessments for Turbonomic's SaaS applications, ensuring SOC2 security and availability compliance.
2. Protection from Attacks: Elastio continually monitors all compute and storage resources, inspecting them for ransomware and malware. It secures backups immutably, safeguarding against malicious actors.
3. Business Continuity Assurance: Elastio ensures that backups remain recoverable at the time they are taken, mitigating business continuity risks, downtime, and data loss. In case of cyber threats or corruption, forensics tools are available for response and recovery.
4. Proactive Vulnerability Prevention: Elastio's approach goes beyond standard recovery snapshots. It prevents vulnerabilities from being reintroduced following a recovery operation, proactively mitigating risks and ensuring business continuity.

Turbonomic's Container-based Application

Turbonomic's container-based application utilizes AWS EKS and multiple persistent volumes, each backed up using AWS's Elastic Block Store (EBS) service. The application's MySQL database platform is hosted within the container.

Greg Aligiannis, Chief Information Security Officer at Turbonomic, highlights Elastio's automated detection of new persistent volumes, threat inspection, and recovery point creation as crucial elements in maintaining a secure and resilient environment.

The Role of Elastio in Business Continuity

Turbonomic's responsibilities extend to managing ParkMyCloud, a cloud platform for multi-cloud spend management. Elastio plays a pivotal role in securing and monitoring applications like ParkMyCloud, continuously evaluating file system health, and guarding against threats.

In Greg Aligiannis's words, "My SOC2 compliance is easy with Elastio, they automate most of my security and availability controls in one platform and without agents."

Conclusion

Turbonomic's partnership with Elastio showcases the importance of cyber resilience in safeguarding SaaS applications. By addressing challenges related to security, availability, and vulnerability prevention, Elastio has enabled Turbonomic to meet SOC2 compliance requirements and ensure uninterrupted business operations.

With Elastio's comprehensive approach to risk mitigation and real-time monitoring, Turbonomic has reduced recovery time objectives (RTO) from hours to minutes, all while enhancing availability with app-consistent recovery points. This level of cyber resilience is invaluable in today's digital landscape, where data protection is non-negotiable.

Greg Aligiannis, Chief Information Security Officer, sums it up, stating, "Elastio reduces our RTO from 12 hours to minutes. With no new configurations or development, we get improved availability with app-consistent recovery points. We can't get that with standard snapshots."

In a world where cyber threats are ever-present, the partnership between Turbonomic and Elastio exemplifies how businesses can proactively secure their SaaS applications, protect critical data, and ensure business continuity in the face of adversity.

What is data resiliency?

Empowering Data Protection with Elastio: Your Key to Unparalleled Security and Resilience

Case Study. Elastio and LeaseAccelerator: A Cyber Resilience Success Story