FinancialServicesatWork

ESP @ Work: Securely Migrating a Multinational Financial Services Corporation to the Cloud

“By fully automating our alerts we were able to see significant decrease in misconfigurations and vulnerabilities, which strengthened our overall security posture. As a very security conscious organization, this enabled us to move quickly and confidently into the cloud.” – CISO, Multinational Financial Services Corporation

Innovative and agile vision leads the way to secure cloud adoption.

Overview

ESP’s flexible custom control checks enable Multinational Financial Services Corporation to reduce risk, audit, and compliance validation specific to the Multinational Financial Services Corporation’s compliance and business risk requirements.

Customer Profile

An American multinational financial services corporation with over $2 trillion AUM (Assets Under Management). As one of the four largest mutual fund and financial services group in the world, they focus on sharing their financial expertise to help people live the lives they want.

Problem

Today’s financial services organizations are under pressure to modernize their IT infrastructure by migrating to the cloud. While the cloud offers freedom from capital-intensive technology investments and flexibility enabling them to focus on their core business objectives, security can often be a major roadblock in their journey to the cloud. This Multinational Financial Services Corporation is already leveraging AWS infrastructure with plans to grow use significantly and is no stranger to these security concerns.

The biggest challenge for them was that their information security team had no visibility into their API layer and the potential risks that exist there and their migration to the cloud could not be delayed.

Solution

To address these challenges, the CISO deployed the continuous monitoring and alerting capabilities of Evident Security Platform. As a very security conscious organization, the Financial Services Corporation understood how critical it was to select the most qualified solution and required that ESP was evaluated through a rigorous Security Vendor Technology Assessment and passed. Evident.io passed all of their security requirements as a company, not just a technology.

By consuming all of Amazon’s APIs, ESP is able to provide security for what the Multinational Financial Services Corporation put “in” the cloud. The solution automates the flow for alerts and remediation, removing the heavy lift of manual audits and building and managing their own suite of scripts while enabling comprehensive visibility of their AWS infrastructure to their information security team. ESP also supports the flexibility to develop custom signatures to be alerted on the Multinational Financial Services Corporation’s specific risks.

Results

With the ESP’s agentless non-invasive approach, the information security team now has consolidated multi-account visibility of all vulnerabilities and misconfigurations that exist in their cloud infrastructure through a single pane of glass dashboard. The value that ESP brought was to alert them of configuration changes and policy violation and provide a path to remediation.

ESP helped the Financial Services Corporation be compliant with regard to the AWS shared services model and CIS AWS Foundations Benchmark, by automating the exposure and remediation of vulnerabilities in AWS. ESP’s flexible custom control checks enable Multinational Financial Services Corporation to reduce risk, audit, and compliance validation specific to the Multinational Financial Services Corporation’s compliance and business risk requirements.

Learn More

To find out more about how our technology can empower you to solve this problem visit our website. ESP provides a single pane of glass view of all of your AWS accounts, regions and services in one easy to customize dashboard. By consuming all of Amazon’s APIs, ESP can detect and uncover vulnerabilities in your environment and alert security teams of configuration changes and policy violation and provide a path to remediation.

You can try ESP free for 14 days  and start securing your cloud infrastructure within minutes. You can use the tool on your own, just signup and get started — or we can help you along the way. It’s your choice.

About this ESP @ Work Blog Series

ESP @ Work provides insight into real customer implementations. These snapshots describe how Evident Security Platform (ESP) helps our customers maintain and benefit from continuous security and compliance in the cloud. All ESP @ Work posts are anonymous because we respect that our customers are not always able to publicly share their success.

About Alison Arnott

Alison Arnott is the Director of Marketing at Evident.io. Her career as a marketing leader spans over 10 years with international experience across marketing communications, demand generation and product marketing leadership roles at both high-growth software startups and Fortune 1000 companies. Alison brings a great mix of creative, strategic thinking and tactical execution.

More posts by Alison

Tags: