Customer Stories / Financial Services / Israel
Protecting High-Profile Websites Using AWS Security Services with Bank Leumi
Learn how Bank Leumi in the financial industry protects its public websites using AWS services for network and application protection.
Enhanced
edge security and protection from internet-based threats
Boosted
website performance
Improved
threat detection
Centralized management
for resource protection
Achieved
high levels of customizability
Overview
Bank Leumi, a leading Israeli bank, needed to improve the protection of its large-scale public applications from cybersecurity events. As part of its ongoing cloud adoption for business innovation, the bank was deploying its public services on Amazon Web Services (AWS). In late 2023, it decided to migrate its main public marketing website to AWS while maintaining strict security practices. To maintain a strong security posture for its customers, the bank chose AWS security and edge solutions.
Opportunity | Using AWS for the Edge to Increase Website Speed and Resiliency for Bank Leumi
Established in 1902, Bank Leumi provides high-quality banking services to individuals, small businesses, and large corporations. With some 200 branches and service centers throughout Israel, it is one of the largest corporations in the Middle East. In 2020, Bank Leumi began its migration journey from on-premises hosting to AWS.
Protecting its public apps is of high importance to Bank Leumi, so it employs a security-by-design approach, migrating each service to AWS with cybersecurity already baked in. To provide fast, reliable service, Bank Leumi requires scalability and high availability with protection against distributed denial-of-service (DDoS) issues, bots, and threats to its public-facing website.
As the bank team gained experience and knowledge on AWS, it began migrating more workloads to the cloud. By late 2023, it was deploying apps and websites on AWS for the Edge services to include them within the bank’s scaled-up network and web application protection. For this purpose, Bank Leumi used services such as Amazon CloudFront, a content delivery network service built for high performance, security, and developer convenience. Thus, the bank improved its online services, speed, and reliability, which are great benefits for its customers.
The bank team meets regularly with AWS solutions architects to build secure technological solutions according to the bank’s needs and determine how to maximize protection for its business and customers. In December 2023, it worked alongside the AWS Shield Response Team (SRT) to optimize its configuration as it migrated its main marketing website to the AWS edge security solution. This website acts as a gateway to online banking services. “We work alongside the AWS team daily,” says Eliran Mula, head of cloud security at Bank Leumi. “When we are facing security or architecture challenges, we find the right solution together. It’s a great collaboration.”
With security capabilities built in to edge technology services, we can achieve greater protection for Bank Leumi and its customers using AWS solutions.”
Eliran Mula
Head of Cloud Security, Bank Leumi
Solution | Mitigating Security Issues to Better Protect Infrastructure and Apps
Amazon CloudFront is fully integrated with two edge security solutions: AWS Shield, a managed DDoS protection service that safeguards applications running on AWS, and AWS WAF, a service for protecting against bots and common bugs that can decrease availability, compromise security, or consume excessive resources. With these security measures in place, Bank Leumi can absorb large-scale cybersecurity events and better protect its infrastructure and applications. “We have fully incorporated AWS infrastructure to protect our web applications against threats, and are using AWS WAF to mitigate web application attacks and bad bot traffic,” says Mula.
Because AWS Shield and AWS WAF are fully managed services, the bank team reduced the time spent on configuration and mitigation of security issues after the cloud migration. “The solution was out of the box and fully automatic to deploy and run new resources, in addition to being fully managed by AWS,” says Mula. “Once we protect our resources, we can quickly adjust its policy to make sure it’s well configured, and we can mitigate various web application and DDoS threats.”
Bank Leumi also implemented AWS Firewall Manager, a security management service that security teams use to configure and manage firewall rules centrally across accounts and applications. Using AWS Firewall Manager, Bank Leumi shortened the time needed to engineer and configure security solutions. Before migration, Bank Leumi had to combine several systems to manage all its websites and policies. Now, the team has centralized control over configurations and exposed resources. “Using AWS Firewall Manager, we can deploy our new workloads and resources,” says Mula. “After we spin up a new resource, such as Amazon CloudFront resources, it becomes incorporated and protected automatically.”
AWS security and edge solutions offer Bank Leumi a high level of customizability alongside out-of-the-box, best-practice configurations. The bank can improve protection for its website according to its needs with unique security policies. “Each website can have its own type of technology and protection,” says Mula. In addition, the security response team at Bank Leumi can make rapid, on-the-fly adjustments and better protect against events without installing or deploying new policies.
Outcome | Continuing Bank Leumi’s Secure Cloud Migration
On AWS, Bank Leumi has enhanced security across its public services, mitigating internet-based threats and bot issues on a large scale. As the bank continues its cloud migration journey, it plans to migrate more workloads to the cloud and optimize solutions. Bank Leumi intends to maintain its focus on security to protect its network, endpoints, and customers under the AWS Shared Responsibility Model.
“With security capabilities built in to edge technology services, we can achieve greater protection for Bank Leumi and its customers using AWS solutions,” says Mula.
About Bank Leumi
Founded in 1902, Bank Leumi is Israel’s largest bank according to market cap, operating some 200 branches and service centers across Israel. Leumi is a pioneer in the global digital banking field, offering a wide variety of advanced and innovative online banking services.
AWS Services Used
Amazon CloudFront
Amazon CloudFront is a content delivery network (CDN) service built for high performance, security, and developer convenience.
AWS Shield
AWS Shield is a managed DDoS protection service that safeguards applications running on AWS.
AWS WAF
AWS WAF helps you protect against common web exploits and bots that can affect availability, compromise security, or consume excessive resources.
AWS Firewall Manager
AWS Firewall Manager is a security management service that allows you to centrally configure and manage firewall rules across your accounts and applications in AWS Organizations.
More Financial Services Customer Stories
Get Started
Organizations of all sizes across all industries are transforming their businesses and delivering on their missions every day using AWS. Contact our experts and start your own AWS journey today.