RKON

Private Equity Services

Leverage Lab

Filed Under:

INDUSTRY

Marketing, Technology

PRODUCTS

Data Driven Customer Experience solutions

LOCATION

Kansas City, MO

ANNUAL REVENUE

$17M

ASSIGNMENT

Optimized client’s security domains, assessed adherence to Google Cloud best practices, and implemented recommended remediations. Utilized Terraform for automated Infrastructure as Code (IAC) deployment and embraced a proactive DevSecOps approach for early vulnerability identification and remediation.

 

CHALLENGES

  • Leverage Lab aims to expand the usability of customer data for its clients.
  • Recognizing the importance of user data privacy and security, Leverage Lab prioritized enhancing its cloud security competency.
  • The focus was on validating the security of existing Google Cloud workloads.
  • The goal was to establish a secure foundation for scaling security processes as the GCP footprint grows.

 

OVERVIEW

Leverage Lab is a first-party data consultancy that advises clients on collecting, enhancing, and leveraging their proprietary data assets to inform personalized marketing strategies that lead to higher customer engagement and increased revenue.

As the marketing and advertising analytics industry continues to look for ways to tighten a direct relationship with consumers through privacy-compliant engagements, Leverage Lab increasingly relies on a variety of GCP data analytics services to perform its data processing tasks.

INSIGHT

Leverage Lab selected RKON as a partner because of its unique blend of security and application development expertise. While most security consultancies target security operations teams, RKON instead focuses on development teams, helping them integrate security directly into their development workflows. This methodology, often referred to as “DevSecOps,” identifies security vulnerabilities earlier in the process, reduces friction between teams, and allows teams to respond to the changing security landscape more effectively. DevSecOps arms RKON customers with the tools and processes to respond to market forces more quickly with the timely and secure release of code with the ultimate goal of capturing additional market share.

Leverage Lab’s strategic focus on development means it is challenging to dedicate tactical resources to security tasks. RKON’s ability to efficiently integrate security into the development lifecycle was a motivating factor for Leverage Lab. This operating model empowers Leverage Lab to better meet demand from their expanding customer base without adding more internal resources.

SERVICES PROVIDED

The RKON team began the engagement by reviewing the existing Google Cloud environment and looked for adherence to Google Cloud security best practices. The team reviewed various security domains such as IAM, Network Security, Compute Engine Security, and Data Security. The assessment’s output was a report outlining deviations from best practices and a prioritized roadmap of recommendations tailored to the Leverage Lab’s environment and current maturity levels.

Following this assessment, the RKON team worked with Leverage Lab engineers to implement many of the recommendations made in the assessment report. The RKON team started by using Terraform to implement an automated Infrastructure as Code (IAC) deployment pipeline. Using IAC, the Leverage Lab and RKON teams built repeatable, modular templates that could be reused across each environment. These modular templates were combined to create a “secure, foundational baseline” that could be further built upon.

Partner Solutions / Products Used

The Infrastructure-as-Code approach immediately improved the environment’s security posture, as there was now a repeatable process in which all changes could be reviewed, tested, and monitored before deployment. Additionally, the IAC deployment pipeline reduced the amount of time it took the Leverage Lab team to build a new customer environment, reducing the duration for environment completion from days to less than an hour.