Life insurer adopts a zero-trust framework
Highlights
Challenge
A large life insurance firm wanted to ensure network security and reliability to protect proprietary business information from cyber-attacks and data leaks. They needed to secure data movement on internal networks and strengthen the network traffic security of their AWS environment. However, the company’s security controls were configured to check only communication flows over the public internet and between their data center and the AWS cloud. Most of the east-west traffic was never inspected for security. With the expansion of workloads on AWS, the company wanted to segment the cloud network to mitigate insider attack threats. Further, they wanted to add a security layer to their internal AWS network traffic to completely thwart attacks.
Solution
TCS designed and implemented a zero-trust framework to protect the client’s network architecture and prevent data breaches. TCS used network segmentation to prevent lateral movement through unauthorized access, thereby ensuring threat prevention for enterprise applications and simplifying granular user-access control. TCS built a transit gateway to interconnect the client’s virtual private clouds and multiple cloud accounts (shared, production, non-production and security accounts) and consolidated the connectivity through a hub-and-spoke model, securing the traffic exchanged among the client’s cloud accounts. The setup ensured that traffic would first be sent to the transit gateway to be inspected by the firewall, and that every network packet exchanged among the accounts would be scanned by the firewall, including for malware hidden within encrypted data, to safeguard against cyber-attacks. The zero-trust security initiative helps prevent data breaches.
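The hub-and-spoke inspection design above holds only if every spoke's transit gateway route table hands inter-account traffic to the firewall attachment first. As an added example (not TCS's or the client's code), the Python check below models transit gateway route tables and reports spoke pairs that could reach each other without passing through the inspection attachment; the attachment ids, route table names and CIDRs are constructed placeholders.

```python
import ipaddress

# Constructed sample data: account names follow the page; CIDRs, attachment
# ids and route table names are made-up placeholders.
ATTACHMENTS = {
    "att-shared":  {"cidr": "10.0.0.0/16", "route_table": "rt-spokes"},
    "att-prod":    {"cidr": "10.1.0.0/16", "route_table": "rt-spokes"},
    "att-nonprod": {"cidr": "10.2.0.0/16", "route_table": "rt-spokes"},
    "att-inspect": {"cidr": "10.9.0.0/16", "route_table": "rt-inspection"},
}
INSPECTION = "att-inspect"
ROUTE_TABLES = {
    "rt-spokes": {"0.0.0.0/0": "att-inspect",
                  "10.2.0.0/16": "att-nonprod"},  # leftover direct route
    "rt-inspection": {"10.0.0.0/16": "att-shared",
                      "10.1.0.0/16": "att-prod",
                      "10.2.0.0/16": "att-nonprod"},
}

def next_hop(routes, dest_cidr):
    """Longest-prefix match: attachment that receives traffic for dest_cidr."""
    dest = ipaddress.ip_network(dest_cidr)
    matches = [(ipaddress.ip_network(p), hop) for p, hop in routes.items()
               if dest.subnet_of(ipaddress.ip_network(p))]
    if not matches:
        return None  # no route: traffic is dropped, not inspected
    return max(matches, key=lambda m: m[0].prefixlen)[1]

def find_bypasses(attachments, route_tables, inspection):
    """Return (src, dst, hop) for spoke pairs whose first hop is not the firewall."""
    spokes = [a for a in attachments if a != inspection]
    findings = []
    for src in spokes:
        routes = route_tables[attachments[src]["route_table"]]
        for dst in spokes:
            if dst == src:
                continue
            hop = next_hop(routes, attachments[dst]["cidr"])
            if hop != inspection:
                findings.append((src, dst, hop))
    return findings

if __name__ == "__main__":
    for src, dst, hop in find_bypasses(ATTACHMENTS, ROUTE_TABLES, INSPECTION):
        print(f"BYPASS {src} -> {dst}: next hop {hop}, expected {INSPECTION}")
```

In the sample data, the more specific `10.2.0.0/16` route in the spoke route table wins over the default route, so traffic to the non-production account skips the firewall even though a default route to the inspection attachment exists.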
Benefits
TCS helped the client strengthen the network security of their AWS environment by implementing data privacy controls across its multiple cloud accounts. TCS ensured that the internal AWS traffic was scanned to mitigate cyber-attacks and prevent unauthorized access. TCS helped the client gain the following benefits:
What made this happen
Develop strategies for holistic cloud transformation, with end-to-end services for cloud operating models, security, operations set-up, digital process enablement, and cloud value realization.
Simplify hybrid cloud orchestration with a Machine First™ approach, powered by TCS’ Cloud Exponence platform. Make the most of SAP application management services and SAP BASIS support with our industry-leading delivery and operations management capabilities.
Deliver a unified omnichannel user (agent) experience with our AI-based self-service capabilities. Reimagine your customer experience with a CX collaboration space powered by TCS RemacX platform.
Build a resilient and future-ready architecture, leveraging cloud-native infrastructure, automation, and reusable and ready-to-deploy components, including AWS containers, AWS serverless microservices (chassis) platform, and DevSecOps factory.
Enable collaborative ecosystems and cloud computing at the edge to create hyper-personalized customer experiences with intelligent products, connected plants, connected services, and product life cycle management.
Rapidly define, design, and deploy AWS foundational platforms and services for cost management, continuous improvement, and security using services powered by TCS Cloud Mason Framework and reusable infrastructure as code (IaC) templates.
Accelerate business transformation with next-gen products and platforms contextualized for industries.
Reimagine enterprise applications, data, or infrastructure with automated cloud migration services, leveraging data center discovery and migration factory powered by TCS Cloud Counsel platform, TCS Crystallus™ for S/4HANA, and TCS ConvertCore.
Transition seamlessly from legacy applications and systems to microservices-based cloud architectures by leveraging automation and AI.