Traditional IT is being put under increasing pressure by the business to do more with less, simultaneously driving innovation, growing customer satisfaction, and maintaining system security and compliance—all while increasing scalability, reliability and uptime. In no other business are these pressures being felt more than in financial services where customer https://www.flux7.com/aws-security-with-agility/expectations for availability and the security of their data remain extremely high. Recently, a large privately held regional bank reached out to the AWS experts at Flux7 to ask for help creating a secure foundation in AWS for a new customer-facing application.
A central part of the bank’s consumer and commercial digital banking initiative, the new application was designed to take advantage of cloud computing strengths to provide a highly available digital banking experience to customers. However, to meet compliance and security objectives, the new app needed to be quickly deployed to a solid AWS foundation that incorporated operations best practices. In addition, the foundation needed to help the bank meet its security requirements.
Solution: Flux7 AWS Landing Zone
A key goal of the project was to create a solution that would stand the test of time, meeting the bank’s short and long-term cloud needs. Already operating in the cloud, the firm realized it needed a secure foundation that would allow it to achieve three key goals:
Meet security and compliance objectives
Effectively start greenfield projects in the cloud and
Efficiently migrate existing applications to AWS
To meet these objectives, the AWS consulting team at Flux7 recommended an AWS Landing Zone.
Flux7’s AWS Landing Zone is a designed collection of application agnostic components that provide a secure, manageable foundation for landing applications in AWS. The concept of a landing zone is critical for creating a secure and manageable environment in which applications will operate. For additional reading on AWS Landing Zones and how to get started, download our paper today:
As part of the AWS Landing Zone solution, Flux7 AWS experts delivered:
Built-in security based on AWS architecture best practices, including an Account Factory that will allow the bank’s team to create multiple AWS accounts for the highest level of resource and security isolation. In addition to account provisioning and hardening, the landing zone features a Center for Internet Security (CIS) rules dashboard and configurations, helping the team to implement security configuration best practices as recommended by CIS for hardening AWS accounts along with continuous monitoring capabilities for these security configurations. With security built into the foundational landing zone solution, the bank now has consistent, repeatable security that provides system confidence.
Customization to fit the customer’s unique environment. The Flux7 AWS Landing Zone also offers flexibility for continuous iteration and documentation of the platform through code, thereby providing consistent management. Specifically, the Flux7 solution provides the financial services provider with Transit VPC which allows the financial services company to connect multiple and geographically dispersed Virtual Private Cloud (VPC)s and remote networks. VPCs themselves are created with a VPC Factory that automates the creation and launch of VPCs into a virtual network. And, an AMI Factory allows the firm to create, verify and distribute Golden Amazon Machine Image (AMI)s that provide standardized machine images to business groups that meet the bank’s specific security and compliance requirements.
Customer technical training for each component of the landing zone solution architecture to ensure that the bank’s team can effectively operate and extend the architecture moving forward. The bank created a a cross-functional team with representatives from across each department. Flux7 trained this team with hands-on knowledge of cloud tools which and enabled the customer to train others within the organization, therhttps://www.flux7.com/engage-transition-skills-and-infrastructure-to-the-cloud/eby establishing a train-the-trainer program that enables DevOps culture to effectively spread throughout the bank.
The Flux7 AWS Landing Zone now provides this regional banking leader with an enterprise-grade foundation for their new customer facing application. Flux7 work begins with security at the forefront, enforced with CIS dashboards and CIS hardened AMIs, to develop, test and use in production. By using a proven solution, the customer is able to focus their efforts on accelerating the delivery of new digital banking applications while ensuring security is built-in from the beginning.
Just as importantly, multiple teams at the customer site are working seamlessly together, having begun the process of embedding a culture of DevOps across functions within the organization. Automation of technology and the flow of ideas across the company for enhanced productivity and business outcomes has just begun.
Whether you are just beginning your journey, or if you are looking for ways to help get further down the road, Flux7 AWS Landing Zones can help facilitate your goals. For a deeper look how, download our Getting Started Guide today.