A financial services organization was feeling limited by its infrastructure. They were looking to migrate on-premises applications to the cloud to ensure long-term scalability, and spend less time on data center management and more time on strategy. The client did not have adequate in-house staff to plan and execute a successful migration while maintaining the necessary focus on cybersecurity.
CBI was engaged to provide Strategic Staffing services. Six analysts from our Architecture and Integration team were contracted for 12 months to help accomplish defined goals. We worked closely with the organization’s security management and in-house analysts to understand the environment, and facilitated the assessment of cloud service providers (CSPs) with a strategic approach that included requirements definition, RACI (Responsible, Accountable, Consulted, Informed) matrices, and architectural reviews. This helped ensure that their chosen solution—Amazon Web Services (AWS)—aligned with security and business objectives.
Our analysts supported both dedicated cloud migration and security operations teams. Applications were moved to AWS in focused, two-week sprints. A “re-platforming” approach enabled the client to experiment with the cloud environment and learn lessons before moving on to other workloads. Modifying the applications to take advantage of cloud infrastructure helped them benefit from capabilities such as auto-scaling, managed storage and data processing services, and infrastructure as code (IaC).
We provided actionable recommendations to address cloud control plane settings, privileged access controls, automation, and APIs. Extra layers of security were implemented to meet the client’s requirements around data privacy, confidentiality, encryption, identity and access management, and regulatory compliance.
The client was able to succeed in increasing scalability while freeing up developers to innovate. The addition of CBI’s resources enabled the migration team to keep everything on track and fully focus on migration efforts, strengthening their ability to complete tasks and reducing development disruptions.
Baseline security standards were developed, including cloud control plane configuration, IaC templates, cloud workload vulnerability posture, and DevOps and cloud infrastructure privilege assignment. Industry best practices—including Center for Internet Security (CIS) benchmarks—were leveraged to configure and secure AWS accounts and monitor them carefully for changes, facilitating the detection of misconfigurations that could lead to security incidents.
|View Case Study|