- Explore our industry expertise
- Success stories
- Global investment bank adopts database security and policy-as-code in Azure cloud
Global investment bank adopts database security and policy-as-code in Azure cloud
Policy as code ensures best practice security baselines for cloud databases
As part of its cloud migration strategy this global investment bank needed to be able to define standard security policies then deploy once on a virtual machine to ease future releases and ensure consistency.
Cloud engineering
Cloud platform development
Process optimisation
Rapid deployment of new projects and services
Security policies
Security best practice assured
Microsoft enables digital transformation for the era of an intelligent cloud and an intelligent edge.
Challenge
Challenge
The need for a mechanism to enforce security standards
As part of its cloud migration strategy this global investment bank needed to be able to define standard security policies then deploy once on a virtual machine to ease future releases and ensure consistency.
To achieve this, there was a need to:
- Set baseline security and best practice for Oracle/Postgres databases
- Codify security policies to be applied to the Azure cloud environment
- Add policies to a CI/CD pipeline with accompanying test framework
- Free developers to deploy databases in Azure without needing to re-create security controls each time
Engagement
Engagement
Security process engineering
Already a trusted partner of the bank, GFT was engaged to:
- Examine the control environment pipeline and modify to accept policy as code
- Select a specific test framework using typescript for positive and negative policy tests
- Document and agree security standards and baseline with CSO
- Create a policy-as-code library using Terraform to implement the policies
- Perform standard tests via the pipeline to ensure the policies behaved as required
Benefit
Benefit
Self-service deployments of databases with enforced controls
GFT has empowered the bank to accelerate its cloud strategy in several ways:
- With a codified policy set the bank can self serve database deployment in Azure
- A thoroughly tested pipeline provides the ability to change security controls or add to them without introducing insecure configurations
- Policy as code assures continuous compliance for databases on the whole platform, with any user changes not meeting the security controls, being rejected
Download - just one click away
-
Success Story
Global investment bank adopts database security and policy-as-code in Azure cloud
Write a message to Alpesh Tailor
Message *
Please complete the mandatory fields
The Controller of the personal data is GFT Group. The data entered in the form will be processed to maintain contact and analyze interest in our materials. You can withdraw any consent given at any time. For additional information or to exercise your rights, visit the privacy notice.
Message sent
Thanks! The GFT team will get back to you soon.
Success!
We appreciate your interest and look forward to assisting you. Have a great day!
Form error
Oops, something went wrong.
Form submission error
We are sorry, something went wrong. Please try again later.