The client is one of the largest, most complex financial institutions in the world, with businesses across retail and corporate banking, global markets, insurance and wealth management. They operate in over 60 markets, with as many regulators, serving 40 million customers.
The organisation is large, diverse and complex: their AWS landscape covers 300+ accounts across 6 AWS regions, serves a DevOps community of 1200+ and uses over 90 AWS services.
The regulated nature of the businesses, across 60 countries, creates an environment where innovation can be slowed by compliance and IT security requirements.
The client needed a way to enable innovation, allowing the introduction of new projects and services, without stifling the pace of cloud adoption while managing risk and compliance.
Continuous Compliance is a key enabler of innovation, providing guardrails for a multitude of AWS-based projects while both informing IT Security professionals of the security posture and allowing the customer to manage risk in their AWS cloud environments.
The Continuous Compliance framework is built on and extends a number of AWS security services, including AWS Organizations, CloudWatch Events / Event Bus, IAM and CloudTrail. Lambda and DynamoDB are the core compute and database components of the solution. Deployed in each region, these tools provide near real-time, event-driven compliance in this complex environment. Compliance visibility is provided to the system owners through an ADFS-authenticated security portal, CloudWatch events and SNS.
Cross-functional development streams can operate autonomously across the globe with the additional guidance and direction from the compliance framework supported by the Cyber Security team.
AirWalk’s financial services experience helped the client to design and develop a continuous compliance framework to counter the organization’s normally conservative risk approach and allow them to adopt an innovative approach to AWS services, while maintaining an informed and controlled risk position.
Prevent
Detect
Correct
Exempt