How a leading bank secured data in the cloud

September 13, 2019

 

09Sept19_Scotiabank_LandingPage_679x220.jpg

When this global financial services organization embraced the cloud, it placed a bet on speed to market.

The bank’s cloud development platform supported developers throughout the organization. They could now build and deploy new cloud-based applications more quickly. In an industry where fintech has set the pace of change, agility is critical.

But how could the organization balance agility with the security demanded by its confidential data?

Agility vs. security: the classic conundrum

The bank realized early on that its cloud migration pitted agility against security – and neither was negotiable.

For decades, the bank’s teams had developed applications on-premise. This allowed the organization to control and secure mountains of confidential data, like personally identifiable information (PII). When it began shifting private data to a public cloud, it needed a strategy to safeguard its data.

Data security is hardwired into the organization’s identity. Like many financial institutions, it needs to abide by legislation designed to protect Canadians’ personal information. But the bank surpasses that baseline with its own demanding standards.

That’s why agility presented a challenge. Multiple stakeholders would need visibility on the data. If they were not satisfied, they could require manual verification. This would create bottlenecks, slowing the rapid development and quick time to market that made the cloud strategy so important.

“The new world of application development gives software developers the ability to build solutions faster and then deploy faster for business,” says the bank’s project lead. “If the technology side of a business doesn’t have the confidence of their security colleagues, rapid development can hit a wall.”

Automation saves the day

From the start, the bank, along with BDO’s Technology Services team, identified automation and modern cloud data security as the way to solve its challenge. If security checks could be automated, bottlenecks would be eliminated without compromising on security.

Using the latest features of the Microsoft Azure platform, the team designed and deployed secure data and database pipelines to begin migrating the bank’s data to Azure.

The automation that powered the security checks proved complex. With thousands of databases, the bank needed to ensure the checks covered all situations and requirements. Security and compliance teams, technology professionals, program management and business leaders — each party shared its requirements with the BDO team.

“The BDO team was great to work with,” says the bank’s project lead. “Some providers stick rigidly to the scope of a project contract, but we found they recognized how our business continues to evolve. We appreciated their agility — their ability to shift scope and adjust services as we navigated the journey together.”

From development to deployment

The secure data and database pipelines deployed are just the beginning for this world-class organization. As its teams continue to see the benefits of rapid deployment to market, it is expanding the cloud’s usage by migrating new lines of business and their data from on-premise environments.

To meet requirements for new data pipelines throughout the enterprise, the company has continued to depend on the BDO team to roll out new capabilities.

“There’s not much of a precedent for this project,” says Rishan Lye, Partner, Advisory Services, Technology, at BDO. “What we’ve accomplished here is somewhat groundbreaking in terms of how data can be moved to the cloud securely and faster than conventional methods and manual effort. The level of intelligence built into the data pipelines is unique.”

The company’s data pipelines have helped make its cloud transformation a success. Automating the security checks covered its two complementary needs: data security and speed to market. As a result, customers see greater value as teams deploy new features quickly and securely. And as the organization expands its cloud usage, it will control costs and scale its platform resources to meet its evolving needs.

“The client chose BDO really for three reasons,” says BDO’s Gelesz. “One, we have the deep technical expertise in cloud engineering, data management and security that was essential for this project. Two, the client wanted a firm with a long track record in financial services. And three, they were using Microsoft’s Azure platform, for which BDO is an industry leader with gold-certified partner status. 

“I think what we’re most proud of – and what we heard consistently from the client – was that BDO delivered more than just technical and industry excellence. We were a true partner during this migration to the cloud.”

Find out more about BDO’s Technology Services. 

 

Previous Article
BDO & MindBridge - Mitigating Financial Risk Exposure
BDO & MindBridge - Mitigating Financial Risk Exposure

How to use innovation to understand, assess and mitigate the risks that COVID-19 has exposed to your business.

Next Article
Getting the message: the next step to become cyber resilient
Getting the message: the next step to become cyber resilient

Canadian financial-services companies need to get a message after a series of high-profile hacks: they are ...

Mutual insurance financial statements are here

Access Now