Simplifying Zero Trust Security for AWS with Teleport
Jan 23
Virtual
Register Now
Teleport logoTry For Free

Customer Case Study

How IBM Instana uses Teleport to manage access to their cloud infrastructure

Background image

IBM Instana is a multicloud, cloud-native observability and APM tool that provides monitoring that helps companies of all sizes make sure that all of their enterprise applications are performing reliably at scale. The way that Instana works is by taking all of the diagnostic data from your infrastructure and then plugs it into a large graph database that can be easily monitored via their user-friendly UI which also radiates performance insights. Instana was acquired by IBM in November of 2020 after IBM saw the potential in integrating the Instana platform into IBM’s existing Cloud solutions.

Why IBM Instana chose Teleport

Companies like Nielsen, PayPal and eBay all trust IBM Instana to help them achieve high performance reliability across their cloud application ecosystem. Due to the high level of integration Instana has with your ecosystem, precision and security are two of the most important principles of their offering. In order to ensure that compliance standards are met without compromising on agility and usability, IBM Instana has turned to Teleport.

Person doing a presentation about Instana at Teleport Connect
Teleport gives us the access control, the audit logging, and just a common way to tell people, 'Hey, everything that you need to do your job is either in Teleport or you request the access you need through Teleport and smooth over all the issues that you have from a more traditional solution.'

Hunter Madison

Cloud Architect @ IBM Instana

Simple, secure access at scale

When relying on a tool like Dropwizard to help engineers manage and access large quantities of sensitive data, one must ensure that the use of this tool is extremely well gated, controlled, and audited. IBM Instana relies heavily on this tool, and in the past ensured this secure access with a combination of VPN's and shared credentials. However as the team grew and the tech landscape transformed with more and more remote work, this became increasingly difficult to manage. Hunter Madison, IBM Instana's cloud architect brought in Teleport to manage Dropwizard access securely while making their engineer’s access workflows easier than ever.

I love bringing in Teleport for these types of access issues because I have an easy interface to use, it's easy to write to, it's easy to operate.

Hunter Madison

Cloud Architect @ IBM Instana

In fact this is not the first time that Hunter has helped companies migrate from legacy PAM solutions to Teleport. “This is company number three I've done this at, to have Teleport in play to give us the ability to go and help our security posture and help our management issues without making people upset and angry like you get with some of these more legacy security tools…” says Madison. He also says that Teleport allows Instana to simplify their access workflow, and eliminate overhead, saying “You don't need to care about authentication developer, you don't need to care about auditing developer, you don't need to care about any of these things, which takes time and resources away from working on your critical code path. I'm going to handle it through Teleport.”

Easing compliance headaches

Along with a simpler, more secure workflow, Teleport also helps ease audit and compliance burdens. Compliance audits can be very difficult if you have a decentralized access control scheme, with many moving parts and vulnerabilities. With Teleport however, Hunter Madison says, “if you think of this in terms of an audit framework like SOC 2 or FedRAMP or ISO, well, I can tell you what happened, when did it happen, and I have all these extra identifiers to let me go and tie it back to that request for those request logs […] if you have good tools, specifically Teleport, in this case, your compliance story is much simpler.”.

The bottom line is that Teleport gives both your security, and engineering teams a lot more time to focus on the important things, while at the same time increasing security and auditability regardless of the type of application or piece of infrastructure you use.

For a lot of the stuff in Instana now, you just go through Teleport, you're done. No more VPNs, no more certificates, no more having things break. Just take the tool that you want to run and protect it, so that way I know that it's safe and secure.
Arrows pointing towards the word audience on a whiteboard

Geo

Chicago, Illinois

Vertical

Enterprise APM and Observability

Employees

89

Clouds

Multi-Cloud

  • Challenges
  • Use Dropwizard at scale in an auditable and secure manner
  • Achieve compliance standards like SOC 2, FedRAMP, ISO
  • Eliminate the pain of existing access workflow for engineers
  • Results
  • Implemented Teleport at scale integrated with Dropwizard
  • Made compliance audits very easy and painless
  • Achieved a full chain of audit custody for previously un-audited control workflows