Lloyds Banking Group: Container Security Maturity Model
About Lloyds Banking Group
Lloyds Banking Group is a British financial services institution headquartered in London. The group provides a variety of financial services through brands such as Lloyds Bank, Halifax, and Bank of Scotland. The group serves a total of 27 million customers and employs 66,000 people.
Assessing the container security maturity level
Due to the extensive use of container technologies within the group, Lloyds Banking Group sought to evaluate the security posture of their container environments. To achieve this, ControlPlane was engaged to define a maturity model that would enable Lloyds Banking Group to assess their container security maturity level.
Challenges
Lloyds Banking Group utilised various container technologies across multiple cloud and on-premise environments, making it challenging to establish a framework to measure their overall security posture. It was important to have a maturity model that was agnostic enough to apply to multiple container technologies and platforms while covering a wide range of low level and technical requirements.
Solutions
ControlPlane defined a maturity model covering several domains, each containing multiple capabilities. For each capability, a detailed description of the implementation requirements for all maturity levels was provided. The implementation definitions were based on industry best practices and Controlplane’s extensive experience in container security across various institutions.
The deliverable enabled the client to:
- Utilise a framework based on best practices applicable to multiple container technologies and platforms
- Evaluate the security posture of their containerised applications across diverse and heterogeneous environments
- Understand their maturity level in comparison to high standards and best practices
- Compare the maturity levels of their different platforms in a standardised manner
- Identify areas of improvement in their container security strategy
- Plan for enhancements to drive their security posture to the highest maturity levels
Business outcomes
The client was equipped to assess the security level of their workloads and understand how mature they are compared to the highest standards. After an initial assessment, Lloyds Banking Group could identify potential areas of improvement and plan the next steps in their container security strategy.