![case study](https://cdn.quantiphi.com/2024/02/1a60bc64-secops-practcie2-banner.png)
Ensuring Robust Cloud Security for an American Financial Services Company
Financial Services Banking & Financial ServicesBusiness Impacts
Reduced risk of unauthorized access and data breaches
Enhanced compliance and customer trust
Minimized operational disruptions
Customer Key Facts
- Country : New York, USA
- Industry : Financial services and insurance industry
Problem Context
Client is an American financial services company operateing 1680 branches throughout the US,
Client needed help in –
- Identify security gaps and vulnerabilities, perform analysis of their exisiting GC environment and categorize the vulnerabilities on their risk levels
- ย Provide detailed remediation plans and recommendations / best practices to enhance the overall security posture
Challenges
- Lack of defined organization policies and governance control
- No proper access control based on department, team, and access roles
- Default VPC configuration leading to potential security vulnerabilities
- Unable to track data usage and security
- Data retention and management
- Limited visibility into system activities due to undefined data and audit logs
- Ineffective threat detection and response
![](https://cdn.quantiphi.com/2024/02/ac3a3c26-secops-practcie2-challenge.png)
Technologies Used
![Cloud Security Command Centre Premium](https://cdn.quantiphi.com/2024/02/87b00ba6-security-command-center-72-color.png)
Cloud Security Command Centre Premium
![Cloud Audit Logs](https://cdn.quantiphi.com/2024/02/e79bb6a5-cloud-audit-logs.png)
Cloud Audit Logs
![Cloud Data Loss Prevention](https://cdn.quantiphi.com/2024/02/f0ccb7c4-cloud-data-loss-prevention.png)
Cloud Data Loss Prevention
![Identity & Access Management](https://cdn.quantiphi.com/2024/02/bed8ed9b-cloud-identity-access-management.png)
Identity & Access Management
![Dialogflow](https://cdn.quantiphi.com/2024/02/6a1ff213-dialogflow-logo.png)
Dialogflow
![VPC service controls](https://cdn.quantiphi.com/2024/02/b50f0804-vpc-service-controls-logo.png)
VPC service controls
![Cloud Identity](https://cdn.quantiphi.com/2024/02/bed8ed9b-cloud-identity-access-management.png)
Cloud Identity
Solution
- Quantiphi implemented a robust authentication and access policies.
- Enabled Multi-Factor Authentication (MFA), implemented key-based access controls, defined user groups, and configured audit logs.
- Streamlined access management through custom roles that granted the minimum required permissions.
- Provided immediate remediation solutions focusing on improving design, architecture and configuration settings
Results
- Improved security posture with strong authentication and access policies and reduced unauthorized access risks.
- Enhanced access management and minimized attack surface.
- Recommendations based on prioritized security implementation.
- Compliance with Google Cloud best practices to establish a robust security foundation.
- Improved security posture with strong authentication and access policies and reduced unauthorized access risks.
- Enhanced access management and minimized attack surface.
- Recommendations based on prioritized security implementation.
- Compliance with Google Cloud best practices to establish a robust security foundation.