How Western Asset Management Is Mitigating Cloud Threats

Jul 11, 2019
4 minutes

Banking, investment management and FinTech have continually invested in technology upgrades, data analytics and differentiated product offerings in an increasingly competitive and evolving investment landscape. A recent Accenture survey found 90% of banking respondents stating that cloud enables and accelerates innovative adoption. Of those surveyed, 60% say cloud-based entrants will challenge traditional businesses shackled by the limitations of their on-premises agility, storage, and computing capabilities.

Western Asset Management (WAM) is currently pushing the envelope with regard to innovation in a highly competitive market. The “active” investment management industry that WAM services involves constantly managed funds and portfolios, time-sensitive transactions and decision-making based upon fast-changing market conditions. And with several options at their disposal, clients expect compressed fees when it comes to managing their money.

By embracing an agile development process and moving DevOps to the cloud, WAM’s application delivery has been transformed for application deployment and product development. In the old days, if the risk management team wanted to develop and test new risk models or algorithms, teams of hardware, networking and IT resources would need to be scheduled. Now, in the cloud, instances can be spun up at the push of a button, and sandbox environments for testing purposes can be created and destroyed instantly before pushing to production.

Managing security, risk and regulatory compliance can be challenging in an agile, dynamic cloud environment. Western Asset Management’s DevOps and security teams embraced the competitive challenges, understanding the need for a well-architected, cloud native security solution.

We recently sat down with David Pace, who is responsible for Global Information Security at Western Asset Management (WAM), a fixed-income investment firm and an independent affiliate of Legg Mason, managing funds exceeding $420 billion across nine offices worldwide. The challenges they faced as an organization migrating to the cloud were eliminating risks, detecting when users misconfigured cloud resources, and alerting for threats on a network-level in their public cloud environment.

The initial deployment of Prisma Cloud (formerly RedLock) gave WAM immediate insight into their environments, such as identifying administrator accounts without multi-factor authentication (MFA) enabled. The team was able to better approach cloud security in an efficient, scalable manner. Instead of relying on outdated manual methods of getting log data into systems to analyze, they can now rely on Prisma Cloud to identify, prioritize and pinpoint where risks exist and mitigate them as soon as possible.

Pace and his team discerned three major benefits during their evaluation of Prisma Cloud:

  1. Powerful security governance capabilities
  2. Out-of-the-box compliance and auditing features
  3. Unsurpassed network visibility

His team now has visibility into their entire cloud infrastructure, allowing them to see and recognize threats that are targeting their cloud environment from the outside, as well as threats that might be originating from within their cloud environment going out. Pace now has a 360° view of his environment in one centralized interface where he and his team can run reports as well as issue and process alerts in real-time to remediate any issues that may arise.

“Our senior IT management really has the confidence now in our cloud team being able to leverage Prisma Cloud for the compliance, security governance, auditing and network visibility that we get. The ROI has just been immense – allowing our business to work faster, and more efficiently by leveraging new cloud services – that in the past we may not have been able to secure properly.” – David Pace, Global Information Security at WAM

WAM’s future plans with Prisma Cloud are primarily focused on expanding the integration across multiple cloud platforms. Initially deployed on AWS, WAM’s DevOps teams plan to expand to Microsoft Azure and Google Cloud Platform. Having the ability to leverage Prisma Cloud across their multi-cloud environment will give Pace and his team one holistic view as to what’s happening and enable them to accurately assess risk.

For organizations migrating to the cloud or looking to adopt cloud computing technologies, Pace recommends leveraging a product such as Prisma Cloud that provides visibility into their cloud environment for comprehensive user auditing, compliance reporting, and identification of risky behaviors or misconfigurations. Given that, organizations can rest assured that their public cloud environments are secure. With Prisma Cloud, users will gain actionable insights, along with the confidence that any threats that may present themselves can be pinpointed and remediated quickly.

Ready to experience the security power firsthand? Learn more.

Subscribe to the Newsletter!

Sign up to receive must-read articles, Playbooks of the Week, new feature announcements, and more.