We recently had the join of partaking in GitLab Commit — a conference held by our friends at GitLab and focused on innovative solutions for today's greatest IT challenges. As experts in DevSecOps, the MindPoint Group team was able to share the story about how we used GitLab as a part of our process to help a customer with cloud migration, modernization. This helped transform their processes to obtain an ATO. While this session took place in the Public Sector track, commercial organizations will greatly benefit from this talk as well. Check out the video to learn more.
How we Married Compliance Automation with Policy-as-Code: A GitLab Love Story
Let’s talk about compliance—just the word makes people either want to fall asleep or worse, run, and hide. Between the development process and the cycle of endless audits, it’s no wonder that people try to avoid this topic at all costs. However, it’s clear that in order to move toward cloud migration and modernization, public sector organizations must transform their existing processes to obtain an Authority to Operate (ATO). In this talk, we’ll walk through the process of how implementing automation took our federal customer from an average ATO time of an average of 3-4 months per application to only 1-2 weeks, and more importantly, why Gitlab is the superior tool to help us do that. Not a federal customer? That’s ok, too. Managing policy through automation is an important way you can more easily pass any regulatory audit like PCI DSS, HIPAA, and more!
Speakers
Keith Rhea, Cloud Security Engineer at MindPoint Group
Tim Jones, Automation Engineer at MindPoint Group
GitLab Commit Session
https://www.youtube.com/watch?v=qvSja0BqaaY
Next Steps
As you heard in this session, MindPoint Group provides customers with an alternative option to the complicated ATO process through compliance automation. Our ATO Automation Solution helps customers reduce total cost and the time typically required to monitor and validate ATO controls, while also increasing compliance scores.