Automating security configuration management also makes the bank more responsive to change while remaining compliant and resilient.
Prior to 2018, security configuration management at DBS Bank in Singapore was a manual process consisting of regularly generating reports, reviewing them, and subsequently remediating the security configurations in-between cycle periods.
The process involves compliance checks and guidelines set by international organizations to enhance overall security, and this end-to-end effort was maintained by a team of 13 staff to support non-compliance reporting and rectification.
As the number of servers in the bank grew each year, the total time required for the scanning and reporting process also increased, necessitating the bank to search for and develop a new solution to manage the process more efficiently.
Following a rigorous evaluation of technology options, the bank chose a solution that enables it to manage policy enforcement and reversion to baseline security configuration while also handling deviations. By moving from monolithic and manual configuration management to an automated and scalable solution, the bank was able to reduce the equivalent effort of 13 staff down to three.
Furthermore, the automation freed up time and energy for engineers to invest in other value-driven innovation or projects. Finally, the infrastructure and application teams no longer need to coordinate with each other for fixes, as the security configuration management solution had an auto-healing function.
With all these frameworks in place, the bank is set to keep pace with the ever-changing needs of the entire organization. According to Edwin Caliwag, Lead Developer, Automation Solutions, DBS, the solution enables the bank “to automate security configuration management and is a core component of our SecureSys system, helping us to (be) one of the safest banks in Asia.”
Said Rachel Lew, Regional Director (Asia and Japan) Puppet, the solution provider: “DBS… continue to shape the future of banking. We are strongly committed to supporting DBS to deliver on its pledge to be one of Asia’s most secure banks through our infrastructure automation platform.”