Technology Record - Issue 25: Summer 2022

129 F I NANC I A L S E R V I C E S by mapping everything and isolating all compliance-related applications and systems. Granular visualisation will help you understand how best to reduce the risk of breaches quickly and easily. 2. Protect your essential systems. Separate critical applications such as money transfers, payments, and customer applications from the general IT infrastructure. 3. Prevent unauthorised lateral movement. Properly isolate internet of things and thirdparty access. In addition, manage access routes and terminate access at the target applications, preventing further movement within the data environments (on-premises or in the cloud). 4. Adopt cloud, platform-as-a-service, and other emerging technology cost-effectively and securely. Use a single pane of glass for visibility and setting security policy across all infrastructures. In addition, be sure to enforce security via a unified set of tools. 5. Data Flow Visualization. Real time understanding of where data is, where it is going and the ability to look back and see historically what changed. This is what helps to see where ransomware has spread, allowing mitigation of its impact before it executes and encrypts a network. An example of the effectiveness of this approach is the success of one customer, a US regional bank, which has used Guardicore Centra’s visualisation and microsegmentation capabilities to vastly improve operations. The bank already had a few initiatives in place, including ring-fencing 10 of its most critical applications, limiting third-party access, making it possible to migrate applications to the cloud, and maintaining a single set of security controls across the entire hybrid infrastructure. With the help of a single security architect over the course of two months, the customer was able to meet all its goals exceeding original expectations to be fully operational in weeks not months. Ultimately, it was able to achieve granular east-west traffic visibility, ring-fence its businesscritical applications, and restrict and properly route third-party access. Furthermore, the bank managed to map applications’ dependencies for seamless cloud migration and achieve full process automation with the DevOps integration. Financial institutions should also look for a tool that provides complete security coverage for applications, regardless of where they reside. After all, most financial institutions need to protect workloads that span across platforms and environments: on-premises, legacy and bare metal, virtual machines, containers, and public and private clouds, including Microsoft Azure. With simple and easy to manage microsegmentation controls, financial institutions can reduce the attack surface and quickly detect breaches within the data centre. Deep visibility into applications’ dependencies and traffic flows helps to enforce precise network and process-level policies that isolate critical applications and systems. Learn more at: Richard Meeus is director of security, technology and strategy EMEA at Akamai