Mobile gaming leader Kabam levels up defenses with security deep dive
/ AT A GLANCE
Leading mobile game company Kabam and Google Cloud Premier Partner SADA conduct cloud security assessment to improve security for games and players.
10 security domains
2 key security risks
Gaming can be a great escape from reality. Players can pretend to be superheroes, supervillains, giant, shape-shifting robots, or defenders of the universe. Whatever role they decide to play, their avatars can become nearly invincible. Unfortunately, the same is not true of their devices and the games themselves. Real-life villains are constantly popping up with new threats to the security of gaming platforms.
“Almost no company would state they have the best security environment ever,” says Maurice Ko, VP of Engineering at Kabam, a leading mobile game developer. “There are always hackers who can find ways to make problems.”
Rather than focus on security, Kabam, a world leader in developing entertaining, immersive mobile games, would prefer to perfect the art of game design to entertain millions of players around the globe. Their games have raised the bar for mobile gaming, with high-quality graphics, next-generation technology, and revolutionary gameplay, and their profile as a target for hackers has also risen. That makes security essential. Kabam is dedicated to bringing their same focus to safeguarding games and players.
Kabam has been running on Google Cloud since 2017. Kabam only worked internally to protect their games and gamers from security threats until recently. By 2021, Kabam wanted to have a neutral third party evaluate their overall security to ensure they followed best practices.
“Security is a domain where we always want to have different points of view and opinions from multiple third parties,” says Maurice. “Over the years, Kabam has followed the best practices of many external vendors. They all seem to make sense, and we haven’t had any major incidents to date. But security is one of those moving targets where someone is always finding unique ways to break into your computing resources.”
Kabam needed a fresh perspective on their secure use of Google Cloud products for peace of mind. Had they been following the best best practices? If not, which best practices should they be observing? “Kabam needs to get a different opinion about whether we’re actually using Google Cloud correctly and with the highest level of safeguards,” says Maurice.
To obtain additional security expertise, Google Cloud recommended that Kabam engage SADA, a five-time Google Cloud Reseller Partner of the Year, to conduct a Cloud Security Assessment.
“Security is a wide-open topic, which is one of the reasons we wanted to conduct a security assessment with SADA,” says Maurice. “SADA’s Cloud Security Assessment presents an opportunity to have another type of evaluation to ensure we’re as close to foolproof as possible with our Google Cloud implementation.”
SADA proceeded to assess Kabam’s environment based on their knowledge of its Google Cloud foundations, starting with an automated Google Cloud Security Posture Review. After that, the SADA team, including a Senior Cloud Security Engineer and a Project Manager, evaluated Kabam’s existing configurations and platform controls to reduce risk and confront common threats.
We wanted to use SADA to do another round of investigation because SADA works with Google Cloud closely and they understand Google Cloud infrastructure quite well. From the customer point of view, SADA made it a very low effort process because they were so well prepared. We just made the high-level ask for what we wanted, and SADA and Google Cloud worked out all the details of the project.Maurice Ko | VP of Engineering at Kabam
As a result of working with SADA, Kabam has obtained an unbiased, third-party opinion as to their current cloud security capability. Across ten domains of security, SADA assessed Kabam’s strategy, documented the results and associated recommendations, and shared the final written report with the company. “SADA worked closely with Kabam stakeholders to understand our Google Cloud infrastructure and security configurations and capabilities and provided us with best practice recommendations,” says Maurice.
Now, Kabam can use the report as a roadmap for how to mature their security model on Google Cloud and in conjunction with SADA, develop an action plan to address the findings and any gaps.
SADA serves as the voice of authority as to whether our Google Cloud implementation has been set up correctly. The whole point of the assessment was for SADA to walk through all our infrastructure as a way of validating Kabam’s security. Their report was exhaustive and gave us a good baseline on our security and where we stand compared to the rest of the software industry.Maurice Ko | VP of Engineering at Kabam
Beyond the cloud security assessment, Kabam received two action items that immediately improved their security. Based on the recommendations of SADA’s review, Kabam became aware of separate port and network segmentation vulnerabilities that they were prepared to remediate quickly.
“The port and network segmentation issues were low-hanging fruit that we’ve moved forward to fix very quickly,” says Maurice. “The SADA team was quite knowledgeable, helpful, and provided really good recommendations about our current tech stack around security.”
Overall, by conducting a comprehensive security assessment of their Google Cloud environment, SADA helped Kabam:
- Validate ten vital domains of cybersecurity
- Target two critical security issues for fast remediation
- Baseline their security against the overall software industry
- Plan their roadmap for future security configurations
Security assessments tell you how secure your system actually is, identify all the flaws in your system–if any–and what to do about them. SADA was able to document and evaluate all these security-related concerns for Kabam, which we found to be eye-opening and a great value-add.
— Maurice Ko | VP of Engineering at Kabam
More customer stories
Sorcero extends their market reach and enriches the sales pipeline with marketplace integration and membership in SADA’s SaaS Alliance Partner program./ Learn more
SADA unifies two legacy companies on one productivity and collaboration platform, improving communication, cooperation, and security./ Learn more
What we're up to
Insight Enterprises has completed the acquisition of SADA. This blog provides details around the announcement and answers to questions./ Learn more
Insight reinforces its unique position as a leading Solutions Integrator, offering market-leading multicloud solutions at scale/ Learn more
Explore how SADA Flex Services surpass traditional managed services across 8 key areas, empowering operational agility and sustained innovation./ Learn more
Learn the world of deceptive technology with Acalvio's CEO Ram Varadarajan on Rocky Giglio's podcast. Dive into the future of active defense./ Learn more
Join SADA Associate CTO Simon Margolis in our video series, as he delves into the latest Google AI advancements./ Learn more
Learn how Cloud Data Loss Prevention (Cloud DLP) identifies and safeguards sensitive data. Delve into de-identification methods and their use cases./ Learn more
Solve not just for today but for what's next.
We'll help you harness the immense power of Google Cloud to solve your business challenge and transform the way you work.