What's next for enterprise security? Look to public cloud — Read the paper
Overcoming new security threats
As enterprises undergo business transformation, security and compliance challenges loom large. The move to public cloud, combined with the increase in remote working, have expanded the security perimeter well beyond the traditional boundaries of on-premises data centers and networks, putting data and applications at greater risk from threat actors.
A growing number of high-profile breaches has prompted greater regulatory scrutiny about how organizations are protecting data, and where that data resides. Cloud and increasingly complex hybrid environments are compelling organizations to think differently about security and compliance.
Cloud-native tools help leading insurer tighten security
A leading North American financial services firm needed to modernize its core system to improve the customer experience. DXC Technology advised the company to migrate its core applications to public cloud, and ported user profiles and IDs to cloud-native tools on AWS cloud, using an automated security migration framework. DXC now continuously manages the company’s applications and infrastructure configurations, cloud security and governance. Security controls are automatically updated through AWS, ensuring the company can defend against the latest threats.
Secure, innovative payments in public cloud
DXC supported a 150-year-old investment firm’s plan to disrupt the market for consumer payments. DXC rapidly delivered infrastructure and middleware services for application developers in public cloud, plus a DevOps culture and pipelines to support continuous integration, delivery and deployment. A comprehensive new security control framework and security services satisfied internal security requirements and external regulators. The firm launched an industry-changing product on time, helping to open up a new market of 102 million consumers.
The Cloud Right approach
Using a Cloud Right™ approach, organizations can evolve their security approach to address new platforms, new technology and new capabilities that their existing approaches may not be able to properly protect. The focus on protecting locations and devices needs to shift to protecting the data itself. Data-centric security requires organizations to discover and classify data — identifying sensitive data, where it resides, how it flows through the company, and where the vulnerabilities lie.
The focus on protecting locations and devices needs to shift to protecting the data itself.
Security professionals should be involved early in the planning process. Enterprises need to embrace DevSecOps, with security woven into the IT landscape. Mixed teams should be established that have all the needed capabilities, including developers, security professionals and infrastructure experts. Adopting the mixed team way of working applies not only to cloud, but also to hybrid and on-premises environments.