Cloud enables a financial organization to achieve better business agility, speed to the market, long-term cost saving, and great security and compliance at a scale and speed that cannot be matched by a traditional on-premise data center. To achieve the most benefits, the organization may want to use services from multiple clouds with different service models (e.g., SaaS - O365, PaaS - Azure, and IaaS - AWS) and deployment models. The security risks must be addressed systemically and comprehensively to maintain confidence in the cloud systems and trust in the financial institution. The defense needs to be built-in from the beginning rather than bolted-on later. Once built-in, the security controls can be inherited or leveraged by business applications and data deployed in the cloud-hybrid data center, increasing speed to the market and better system security and compliance.
This session introduces a Cloud Security Architecture (CSA) Capability framework that enables an organization to build the state-of-art defenses into a cloud-hybrid data center. It allows the organization to safely deploy high-risk workloads and process regulated and sensitive data in multiple clouds with built-in compliance to multiple regulatory mandates and industry standards, such as FFIEC, GLBA, SOX, FISMA, PCI, and NIST 800-53. The framework also allows the organization to rationalize its security technologies, providing portfolio clarity and simplification, identifying saving potential, improving cost efficiency, and reducing security risks.
Lian Jin, Chief Security Architect, MUFG Union Bank, N.A.