December 6, 2021
Financial Services Company Migrates On-Premises Workloads to the Cloud

The Challenge

A financial services organization was feeling limited by its infrastructure. They were looking to migrate on-premises applications to the cloud to ensure long-term scalability, and spend less time on data center management and more time on strategy. The client did not have adequate in-house staff to plan and execute a successful migration while maintaining the necessary focus on cybersecurity.

Case Study

The Solution

CBI was engaged to provide Strategic Staffing services. Six analysts from our Architecture and Integration team were contracted for 12 months to help accomplish defined goals. We worked closely with the organization’s security management and in-house analysts to understand the environment, and facilitated the assessment of cloud service providers (CSPs) with a strategic approach that included requirements definition, RACI (Responsible, Accountable, Consulted, Informed) matrices, and architectural reviews. This helped ensure that their chosen solution—Amazon Web Services (AWS)—aligned with security and business objectives.

Our analysts supported both dedicated cloud migration and security operations teams. Applications were moved to AWS in focused, two-week sprints. A “re-platforming” approach enabled the client to experiment with the cloud environment and learn lessons before moving on to other workloads. Modifying the applications to take advantage of cloud infrastructure helped them benefit from capabilities such as auto-scaling, managed storage and data processing services, and infrastructure as code (IaC).

We provided actionable recommendations to address cloud control plane settings, privileged access controls, automation, and APIs. Extra layers of security were implemented to meet the client’s requirements around data privacy, confidentiality, encryption, identity and access management, and regulatory compliance.

The Results

The client was able to succeed in increasing scalability while freeing up developers to innovate. The addition of CBI’s resources enabled the migration team to keep everything on track and fully focus on migration efforts, strengthening their ability to complete tasks and reducing development disruptions.

Baseline security standards were developed, including cloud control plane configuration, IaC templates, cloud workload vulnerability posture, and DevOps and cloud infrastructure privilege assignment. Industry best practices—including Center for Internet Security (CIS) benchmarks—were leveraged to configure and secure AWS accounts and monitor them carefully for changes, facilitating the detection of misconfigurations that could lead to security incidents.

View Case Study
About the Author
CBI | Cybersecurity Solutions
CBI Cybersecurity
CBI is a leading cybersecurity advisor to many of the world’s top tier organizations. Founded in 1991, CBI provides innovate, flexible and customizable solutions that help ensure data is secure, compliant and available. We engage in an advisory-led approach to safeguard our clients against the ever-changing threat landscape—giving them comprehensive visibility into their entire security program and helping them avoid cyber challenges before they can impact their data, business and brand. We are dedicated to the relentless pursuit of mitigating risks and elevating corporate security for a multitude of industries and companies of all sizes.
I Need To...