
Fortune 100 financial services organization deploys Elastic to help protect members and employees from cybersecurity threats

Reduced time to deploy new IT infrastructure

Reduced the time needed to stand up new infrastructure from days to minutes using Elastic.

Streamlined operational costs

Shifted a significant portion of its IT budget from capital to operational expenditure, making spending more predictable and freeing up resources by moving to Elastic Cloud on AWS.

Sped up and enhanced app deployment

Using Elastic, this organization's application team can log app performance and use this information to enhance future releases.

Fortune 100 financial services organization adopts Elastic Cloud on AWS to deliver security and peace of mind for customers

This Fortune 100 financial services organization offers banking, investing, and insurance services and has more than 13 million members. This organization ranks in the top 100 of the Fortune 500 list of the largest US corporations.

As with any financial institution, protecting information systems from malware, denial-of-service attacks, and other security threats is a top priority. Over the years, this organization deployed a number of security tools to log events, spot anomalies, and investigate incidents throughout its enterprise. But this approach became fragmented, with important data sources isolated in silos. It was time-consuming and expensive to pull together the information required for audit and compliance purposes and for broader security activities.

"We wanted to simplify and streamline both the technology and the financing of our observability infrastructure, while at the same time paving the way for scalable, affordable growth in data and wider business activity."

– Director, Cyber Security Engineering

To achieve these goals, and as part of its overall digital transformation planning, this organization's Cyber Security team selected Elastic to serve as its unified observability platform. They were impressed by Elastic's innovative roadmap and proactive support team. Additionally, Elastic offers a cloud-based solution that makes spending more predictable and reduces maintenance time compared to on-premises infrastructures, which was important to the organization.

Now deployed across the majority of this organization's security operations, the Elastic Cloud system ingests around 4 terabytes of data per day. Elastic had all the functionality that the organization needed to unify the majority of its security operations in the cloud. It also fits well with the organization's digital transformation strategy, which focuses on lowering operational costs, scaling at speed, and deploying services faster.

The openness and flexibility of the Elastic Cloud on AWS solution was also a deciding factor for this organization, as was the opportunity to move to a more efficient budgeting model. The team shifted a significant portion of its IT budget from capital to operational expenditure, making spending more predictable and freeing up resources by moving to Elastic Cloud on AWS. Using Elastic, this organization can automatically divide data into tiers based on importance and how frequently certain data needs to be retrieved. Infrequently accessed or “frozen” data can be compressed and searched via searchable snapshots, which allows the organization to reduce storage costs while keeping content searchable.

"The Elastic team did an amazing job directing data from AWS centralized logging to Elasticsearch. They spent a significant amount of time on initial configuration of data ingestion and established standard policy for data ingestion moving forward."

– Director, Cyber Security Engineering

The Elastic team also worked with the organization to enrich intelligence data from multiple sources and help identify threats more effectively. Following deployment, Elastic helped the Director of Cyber Security Engineering and their team fine-tune the new environment. This included optimizing log ingestion and managing data layers in a way that aligned with their ILM (infrastructure lifecycle management) policy. Elastic also worked to help balance cost with value, while still adhering to the organization’s rapid response deadlines.

Better use of threat intelligence

This organization can now correlate logged events ingested by Elastic with the latest information from its threat intelligence management platform. For example, it can tap into national-level threat databases and see if similar traffic patterns appear in its network. This gives security analysts the context they need to understand incidents and examine them in detail.

In addition to security insights, Elastic provides the application team with logs that enable them to measure the performance of, and any errors in, employee- and customer-facing apps and the website.

"Elastic gives us greater visibility into our hybrid cloud environment and puts historical data at our fingertips. We can support our internal clients more effectively while reducing the total cost of ownership of our infrastructure."

– Senior Cyber Security Engineer

This organization is already seeing performance improvements from the early-stage deployment, including a significant reduction in the time needed to scale IT infrastructure as data traffic grows. To ramp up to one terabyte on premises, it used to take 30 to 60 days. With Elastic, it now takes 30 minutes. This includes the work needed to manage the data across different storage types.

Elastic's integration with their development environment provides another advantage, particularly the boost it brings to this organization's CI/CD (continuous integration-continuous delivery) approach. In an on-premises environment, there is a certain amount of hardware dedicated to development and testing. In the cloud, they can spin up the resources required for testing, and wind them down when they're done.

Elastic also helps the team maintain the health of their systems. With production up and running, the Director and their team have visibility into queue delays, responses, and latency using an Elastic SaaS monitoring cluster.

Additionally, Elastic provides easy integration with other productivity and communication tools that facilitate observability. These include the team's Slack network. If a system anomaly is detected, a Slack message is sent, immediately notifying team members via computer or app so that they can respond to the issue.

This organization also benefits from Elastic's support for multi-cloud and multi-region deployments. The team can add cloud regions as needed for uses such as disaster recovery. With Elastic they have greater choice and flexibility when it comes to integrating other cloud providers and other regions.

A secure future for members and employees

The team has appreciated Elastic's proactive support as they navigate their cloud journey, including working with the Elastic Consulting team.

This partnership enabled this organization to accelerate outcomes so that business objectives were met within timelines. Elastic Training keeps this organization's Elastic knowledge up to date, and gives them confidence and clear direction when tackling challenges.

"Relationships matter to us just as much as product capabilities," says this organization's Director of Cyber Security Engineering. "The speed of the Elastic team's response and their all-around support has been excellent. They've always been there when we needed them."

"As we move forward, Elastic will remain at the heart of our operations, helping us provide thorough protection against external threats for our members and our employees."

– Senior Cyber Security Engineer
