Download PDF
CyberArk > Case Studies > European Bank's DevSecOps Cloud-Based Initiative with SIGHUP and CyberArk
CyberArk Logo

European Bank's DevSecOps Cloud-Based Initiative with SIGHUP and CyberArk

Technology Category
  • Cybersecurity & Privacy - Cloud Security
  • Infrastructure as a Service (IaaS) - Cloud Databases
Applicable Industries
  • Finance & Insurance
  • National Security & Defense
Applicable Functions
  • Product Research & Development
Use Cases
  • Cybersecurity
  • Tamper Detection
Services
  • Cloud Planning, Design & Implementation Services
  • System Integration
The Challenge
A leading European bank, serving over ten million customers, was looking to enhance its digital banking services with Kubernetes and cloud-native computing environments. However, with the increased digitization of services, security became a paramount concern for the bank’s stakeholders and clients. As the bank initiated its journey to the cloud, it adopted a variety of cloud-based technologies to rapidly address and respond to new business needs, such as providing customers with secure home banking services and secure apps for mobile phones. The bank realized that adopting cloud and related open-source technologies came with a price in terms of management and security constraints. One of the most critical aspects of the cloud journey was how to properly manage identities and secrets (privileged credentials or grants) across different cloud services. Managing secrets across different cloud and hybrid services are typically a pain point in every organization’s cloud journey.
About The Customer
The customer is a leading European bank that serves more than ten million customers. The bank was looking to enhance its digital banking services with Kubernetes and cloud-native computing environments. However, with the increased digitization of services, security became a paramount concern for the bank’s stakeholders and clients. The bank initiated its journey to the cloud and adopted a variety of cloud-based technologies to rapidly address and respond to new business needs, such as providing customers with secure home banking services and secure apps for mobile phones. The bank realized that adopting cloud and related open-source technologies came with a price in terms of management and security constraints.
The Solution
The bank decided to engage an external engineering firm with specialized expertise that could support and lead the bank in designing, selecting and deploying a secrets management platform to address the bank’s immediate and future needs. The bank leveraged SIGHUP to provide the necessary guidance and expertise. SIGHUP recommended the implementation of Conjur Secrets Manager Enterprise from CyberArk, which enables DevOps and infrastructure teams to safely manage secrets access and generate identities for the related workloads. Conjur was selected because it helps simplify application development with one centralized secrets management service to control and audit access. It also ensures robust authorization, supports enterprise scale and availability and provides an extensive integration library. The project’s second stage focused on aligning requirements with each business user to ensure compatibility with Conjur and the bank’s cloud-native security policies.
Operational Impact
  • The bank has been able to establish a robust engagement and increased awareness of DevSecOps best practices. The bank established a long-term relationship with SIGHUP and CyberArk, who continue to work closely with the bank’s DevSecOps team to maintain security standards and to ensure that every new project adheres to internal security policies. The bank has enabled the organization to increasingly embrace DevOps and DevSecOps methodologies while adopting a “shift left” approach – so that security is considered earlier in the process. The bank has also embraced a “policy as a code” approach, which made security configuration parameters declarative, versionable and repeatable. The bank has established centralized audit records for all authorization events and secrets operations, avoiding the typical security islands approach of multi-cloud/platform scenario.
Quantitative Benefit
  • Fully managed security in a cloud-based environment within six months
  • Registered an 80% increase in adoption of DevSecOps practices within the last two years

Related Case Studies.

Case Study
Real-time In-vehicle Monitoring
The telematic solution provides this vital premium-adjusting information. The solution also helps detect and deter vehicle or trailer theft – as soon as a theft occurs, monitoring personnel can alert the appropriate authorities, providing an exact location.“With more and more insurance companies and major fleet operators interested in monitoring driver behaviour on the grounds of road safety, efficient logistics and costs, the market for this type of device and associated e-business services is growing rapidly within Italy and the rest of Europe,” says Franco.“The insurance companies are especially interested in the pay-per-use and pay-as-you-drive applications while other organisations employ the technology for road user charging.”“One million vehicles in Italy currently carry such devices and forecasts indicate that the European market will increase tenfold by 2014.However, for our technology to work effectively, we needed a highly reliable wireless data network to carry the information between the vehicles and monitoring stations.”
Learn more
Case Study
Smooth Transition to Energy Savings
The building was equipped with four end-of-life Trane water cooled chillers, located in the basement. Johnson Controls installed four York water cooled centrifugal chillers with unit mounted variable speed drives and a total installed cooling capacity of 6,8 MW. Each chiller has a capacity of 1,6 MW (variable to 1.9MW depending upon condenser water temperatures). Johnson Controls needed to design the equipment in such way that it would fit the dimensional constraints of the existing plant area and plant access route but also the specific performance requirements of the client. Morgan Stanley required the chiller plant to match the building load profile, turn down to match the low load requirement when needed and provide an improvement in the Energy Efficiency Ratio across the entire operating range. Other requirements were a reduction in the chiller noise level to improve the working environment in the plant room and a wide operating envelope coupled with intelligent controls to allow possible variation in both flow rate and temperature. The latter was needed to leverage increased capacity from a reduced number of machines during the different installation phases and allow future enhancement to a variable primary flow system.
Learn more
Case Study
Automated Pallet Labeling Solution for SPR Packaging
SPR Packaging, an American supplier of packaging solutions, was in search of an automated pallet labeling solution that could meet their immediate and future needs. They aimed to equip their lines with automatic printer applicators, but also required a solution that could interface with their accounting software. The challenge was to find a system that could read a 2D code on pallets at the stretch wrapper, track the pallet, and flag any pallets with unread barcodes for inspection. The pallets could be single or double stacked, and the system needed to be able to differentiate between the two. SPR Packaging sought a system integrator with extensive experience in advanced printing and tracking solutions to provide a complete traceability system.
Learn more
© 2015-2024 IoT ONE Limited | Privacy Policy

Contact us

Let's talk!

* Required
* Required
* Required
* Invalid email address
By submitting this form, you agree that Asia Growth Partners may contact you with insights and marketing messaging.
No thanks, I don't want to receive any marketing emails from Asia Growth Partners.
Submit

Thank you for your message!
We will contact you soon.