Public cloud infrastructure-as-a-service (IaaS) offerings, such as AWS, Azure, or Google Cloud Platform, can quickly and economically accommodate unexpected or temporary business computing workloads. Many enterprises have extended their private data centers to the public cloud for a hybrid cloud model for competitive and operational benefits. However, proper alignment of security and resiliency to enterprise standards and policies are still required. In the financial services industry, concerns over data, workload and infrastructure security have slowed adoption of public cloud computing. Regardless of where it resides, a financial institution’s data is ultimately the target of malicious entities. Moving some of that data to the public cloud does not shift responsibility for it as this cannot be delegated in the eyes of regulators. Financial institutions must take appropriate measures to protect data residing in the public cloud as well.

Many in the financial services industry want to leverage the agility, flexibility and advanced capabilities available in the public cloud to complement their private data centers while ensuring intellectual property, regulated data (e.g., PII) and other sensitive data are protected. To achieve this, the following issues in a hybrid cloud computing model need to be addressed:

hybrid cloud computing model need to be addressed:

  • Limited visibility into applications and data in the public cloud.
  • Varying native security capabilities and features at different cloud providers
  • Shared responsibility for security with cloud providers
  • Scaling security up/down with dynamic addition/deletion of virtual machines as needed

As part of this use case, an example of an anonymous financial institution’s hybrid cloud deployment with AWS is also covered.

For more information on cybersecurity for the financial sector, visit our Financial Services industry page at


Cybersecurity Reference Blueprint for Financial Services IT

Learn how financial institutions may prevent successful cyberattacks by incorporating various elements of the Palo Alto Networks security operating platform into their overall cybersecurity program.
  • 3
  • 1740

Application Usage and Threat Report

The AUTR provides visibility into the real-world threat and application landscape, helping security teams to understand how adversaries are attempting to attack organizations around the world and build proactive, actionable controls. Built by the Unit 42 threat research team, the report correlates data from more than 7,000 enterprise organizations, providing broad visibility into critical trends.
Santa Clara
  • 30
  • 9086

Simplify PCI Compliance with Network Segmentation PDF

Establishing, maintaining and demonstrating compliance with the Payment Card Industry Data Security Standard (PCI DSS) is a necessity for all entities involved in payment card processing – including merchants, processors, acquirers, issuers, and service providers, as well as all other entities that store, process or transmit cardholder data (CHD) and/or sensitive authentication data (SAD). For all system components included in or connected to the Cardholder Data Environment (CDE), organizations must comply with more than three hundred requirements. It is in every organization’s best interest, therefore, to take advantage of network segmentation provisions stated in the PCI DSS to effectively isolate their CDE and thereby decrease the amount of infrastructure that is considered in scope. Download our use case "Simplify PCI Compliance With Network Segmentation" to learn how Palo Alto Networks Next-Generation Security Platform delivers maximum protection for an organization’s entire computing environment while greatly reducing the scope of PCI compliance.
  • 0
  • 1551

VakıfBank Case Study

Vakifbank chose to strengthen End-Point Security and reduce its attack surface with Palo Alto Networks Traps
  • 2
  • 1119

Security Operating Platform for Financial Services (2018)

Thousands of banks, institutional investors, asset managers, mutual funds, broker-dealers and other financial institutions across the globe prevent successful cyberattacks with the Palo Alto Networks Security Operating Platform. Palo Alto Networks is uniquely qualified to protect financial transactions, customer data, and support regulatory compliance by providing advanced security prevention capabilities in one security platform. Automation and tight integration between components of the platform prevent successful cyberattacks. By eliminating routine tasks, security personnel may then focus on what matters. The extensibility of the platform allows financial institutions to consume security innovations quickly whether they are provided by Palo Alto Networks, third-parties, or even home-grown. Download the whitepaper to learn how the Security Operating Platform provides layered protection across a financial institution’s network, endpoints, and cloud environments. Read about several popular use cases for the financial sector including network perimeter protection, network segmentation, security for cloud computing initiatives, protection of even difficult or impossible to patch endpoints, and as well securing both corporate and unmanaged mobile devices.
  • 1
  • 218


At Bank OCBC NISP, Palo Alto Networks PA-5060 next-generation firewall prevents threats and safely enables applications over the bank’s internet gateways across two data centers. In addition, the WF-500 appliance provides WildFire™ threat analysis service as an on-premise, private cloud to analyze suspicious files in a sandbox environment without the need to send them outside the bank’s network.
  • 0
  • 788