Learning Library

← Back to Library

DemoBank's Hybrid Cloud Modernization

5m • Unknown Channel • security • deep-dive • advanced • Watch on YouTube ↗

Key Points

DemoBank launched a modernization initiative to adopt a microservices‑based, cloud‑native architecture, enabling rapid delivery of new digital features such as a virtual assistant that integrates AI, weather, and traffic data.
To stay competitive against the fast‑growing rival AnyBank, CIO Amy prioritized a suite of online services—including mobile check deposit and face‑ID login—while maintaining legacy back‑end data on‑premises in a hybrid environment.
The bank leveraged IBM Cloud Pak for Multicloud Management to extend its application across multiple public clouds, preserving compliance and centralizing governance across the hybrid landscape.
Throughout the migration and future production rollout, stringent security, policy enforcement, and regulatory compliance were emphasized as critical safeguards against data breaches and potential brand damage.

Sections

Full Transcript

# DemoBank's Hybrid Cloud Modernization **Source:** [https://www.youtube.com/watch?v=aH4nz3mQIng](https://www.youtube.com/watch?v=aH4nz3mQIng) **Duration:** 00:05:49 ## Summary - DemoBank launched a modernization initiative to adopt a microservices‑based, cloud‑native architecture, enabling rapid delivery of new digital features such as a virtual assistant that integrates AI, weather, and traffic data. - To stay competitive against the fast‑growing rival AnyBank, CIO Amy prioritized a suite of online services—including mobile check deposit and face‑ID login—while maintaining legacy back‑end data on‑premises in a hybrid environment. - The bank leveraged IBM Cloud Pak for Multicloud Management to extend its application across multiple public clouds, preserving compliance and centralizing governance across the hybrid landscape. - Throughout the migration and future production rollout, stringent security, policy enforcement, and regulatory compliance were emphasized as critical safeguards against data breaches and potential brand damage. ## Sections - [00:00:00](https://www.youtube.com/watch?v=aH4nz3mQIng&t=0s) **DemoBank's Modernization and Competitive Push** - DemoBank revamped its mobile app with microservices and a cloud‑based virtual assistant using IBM Cloud Pak for Multicloud Management to regain market share against the agile competitor AnyBank, as CIO Amy drives a new suite of online features. - [00:03:12](https://www.youtube.com/watch?v=aH4nz3mQIng&t=192s) **Multicloud Compliance Gap Uncovered** - DemoBank's SRE team discovers inconsistent Kubernetes network security policies between public and on‑premises clouds, creating a compliance breach and highlighting the need for automated monitoring and remediation. ## Full Transcript

0:00DemoBank is a fictitious banking institution 0:03with a rather ordinary mobile application. 0:06A year ago they decided to embark 0:08on a modernization journey 0:10and get more innovative with a microservices-based architecture. 0:14The purpose of this was to allow their developers 0:16to rapidly deliver new features to the market. 0:19The first such new feature was a virtual assistant, 0:22which uses public cloud services 0:24including artificial intelligence, weather, and traffic 0:27to help their clients with directions to the closest no-fee ATM 0:31or updates to branch hours based on weather events. 0:35The application update was a huge market success 0:38and DemoBank was able to gain market share. 0:41They were able to extend their application architecture to multicloud, 0:44while maintaining their compliance, 0:47thanks to the IBM Cloud Pak for Multicloud Management. 0:50Let's dig a little bit more into how they did that 0:53and how they came to that decision. 0:55DemoBank has been an industry leader for a long time 0:58but has recently seen consistent declines in market share. 1:02While a new competitor, AnyBank, 1:03has attracted a lot of DemoBank's existing, 1:06and future, customers. 1:07A strong package of online services, 1:10including banking anywhere 1:12and mobile banking features, 1:14has driven the competitor's success. 1:16And Amy, DemoBank's CIO, 1:18is under the gun to deliver competing services 1:20that will help gain, and retain, customers. 1:23Amy has outlined a new suite of online features 1:26for the development team to build 1:28in order to compete, including a virtual assistant, 1:31mobile check depositing, 1:32and face ID recognition for login. 1:35DemoBank's CIO knows that developing and deploying these new features 1:38using cloud-native architecture 1:40is the best way to compete and continue to innovate 1:43by boosting cross-application reuse of services. 1:46The first step is for DemoBank to modernize 1:49some of its existing application components 1:51and move them to a public cloud. 1:54And while this migration is taking place, 1:56they must continue to keep backend data, 1:59such as account numbers and other sensitive data, 2:01on-premises in their data center 2:03and ensure that they can manage the whole environment 2:06efficiently and securely. 2:08Innovation is the key to winning 2:10and building cloud-native, 2:11while running workloads in a hybrid environment, 2:13offers the speed to market that 2:15DemoBank needs to stay competitive. 2:17But modernization, of course, comes with risk, 2:21especially in the financial industry. 2:24Policy enforcement is critical 2:26with so much sensitive data 2:28and security breaches are always a threat. 2:30DemoBank must ensure its new IT environment 2:33is completely secure and in full compliance 2:36with both its industry regulations 2:37and its enterprise policies. 2:39If any of this is compromised, 2:41it could mean millions of dollars lost 2:43and a tarnished brand image. 2:45Security, governance, and compliance 2:47will be extremely important 2:48over the course of DemoBank's development project 2:51and will continue to be so 2:52once the applications are deployed to production. 2:55Let's take a look at the perspective of Amy, the CIO, 2:59as the decision was made to go forward with this project. 3:02In the pitch meeting, 3:04DemoBank's chief information security officer says, 3:07"Hold on. Remember when FailedBank 3:09tried to do something in public cloud 3:11and exposed sensitive data? 3:12They almost went out of business 3:14from the fines and loss of customers." 3:16DemoBank CEO's responded, 3:18"This is true, but we can't afford to remain idle. 3:22We need to find a way that we can both 3:24embrace new technology and new routes to market 3:26while staying on top of compliance and risk." 3:29As the CIO, 3:31Amy has to think about what it means to her IT operations team 3:34and her SRE teams. 3:36The operations manager, or SREs, 3:38need security and governments within their private 3:41and public clouds. 3:43The project is underway. 3:44It's up to DemoBank's SRE team to ensure 3:47that the enterprises policies are enforced 3:49and compliance requirements are being met 3:51across all cloud and on-premises resources. 3:55The developers deliver the first release 3:58and it is deployed to production. 4:00At first glance, everything looks green 4:01and everything looks good in the environment. 4:04When they dig a little bit deeper, 4:05they notice a glaring security problem 4:08that could affect the integrity of their compliance. 4:11The Kubernetes network security policy 4:13on the public cloud services 4:14is not set the same as it is on-premises 4:17in their production environment. 4:19At this point, there's no automated function 4:21to predict or to remediate that problem. 4:24DemoBank now has a gap in its compliance status 4:27and customer data may be at risk. 4:29Without a proactive way to monitor their multicloud environment, 4:33DemoBank can't effectively know 4:35the health of the environment, 4:37nor have a way to remediate any incidents that could arise 4:41as they move applications across clouds. 4:44When DemoBank adopted 4:46the IBM Cloud Pak for Multicloud Management, 4:48they leveraged security policies to enforce 4:51the network security settings for their production environments. 4:54Even when a developer changed the setting 4:57to a noncompliant setting, 5:00the policy engine automatically fixed it 5:02and notified central IT. 5:05Once they adopted the Cloud Pak 5:06as a single control plane for their multicloud applications, 5:09the whole C-suite for DemoBank 5:11could now sleep better at night, 5:13development teams could develop more securely, 5:15operations teams could manage more securely, 5:18- all while keeping up with the breakneck pace of innovation. 5:21In this scenario, 5:23you've seen how the fictitious bank, DemoBank, 5:26was able to drive innovation 5:28while maintaining security 5:31by using the IBM Cloud Pak for Multicloud Management 5:34as their control plane for multicloud resources. 5:38Thank you for watching this video. 5:40To learn more, check out the next video in the series 5:43where you can learn how the IBM Cloud Pak for Multicloud Management 5:45can help you with all of your multicloud 5:47governance, risk, and security needs.