Cloud platform development

Rapid deployment of new projects and services

Security best practice assured

Die Herausforderung

The need for a mechanism to enforce security standards
As part of its cloud migration strategy this global investment bank needed to be able to define standard security policies then deploy once on a virtual machine to ease future releases and ensure consistency.
To achieve this, there was a need to:  

  • Set baseline security and best practice for Oracle/Postgres databases
  • Codify security policies to be applied to the Azure cloud environment
  • Add policies to a CI/CD pipeline with accompanying test framework
  • Free developers to deploy databases in Azure without needing to re-create security controls each time

Unser Lösungsansatz

Security process engineering
Already a trusted partner of the bank, GFT was engaged to:

  • Examine the control environment pipeline and modify to accept policy as code
  • Select a specific test framework using typescript for positive and negative policy tests
  • Document and agree security standards and baseline with CSO
  • Create a policy-as-code library using Terraform to implement the policies
  • Perform standard tests via the pipeline to ensure the policies behaved as required

Nutzen auf Kundenseite

Self-service deployments of databases with enforced controls
GFT has empowered the bank to accelerate its cloud strategy in several ways:

  • With a codified policy set the bank can self serve database deployment in Azure
  • A thoroughly tested pipeline provides the ability to change security controls or add to them without introducing insecure configurations
  • Policy as code assures continuous compliance for databases on the whole platform, with any user changes not meeting the security controls, being rejected
Default C2A Content App pages

Gerne sprechen wir mit Ihnen darüber, wie wir unseren Lösungsansatz auf Ihr Business anwenden können

Carlos Mattos

Director of Technology & Architecture