How BOK Financial Secures Sensitive Data in The Supply Chain with SpectralOps
About The Company
BOK Financial Securities, a registered Broker Dealer in all 50 states and the full-service
brokerage subsidiary of BOK Financial Corporation (NASDAQ: BOKF), was founded in 1908.
Despite its age in the financial services business BOK Financial employs software tools to serve
its clients better. Many of these tools are developed in-house.
Protecting our customers’ data is very important to us. A solution that protects our organization from data breaches while not exposing our code to a third party is exactly what we were looking for.
The Challenge
BOK Financial’s standing as a provider of consumer financial services means that it is legally
obligated to comply with global and local standards and regulations for data management and
protection.
BOK Financial understands that a successful data Governance, Risk, and Compliance (GRC)
strategy, requires a comprehensive approach to data management and data protection.
With so many cases of costly data leaks and breaches originating from bad code security
hygiene, BOK Financial saw the importance of preventing confidential and sensitive data from
finding its way into code repositories.
To comply with regulatory demands, BOK Financial had to examine data as a whole throughout
all of its data warehouses, lakes, servers, logs, and the entire software development lifecycle.
Therefore, BOK specified a need for a solution that can protect their code assets from leaks
while keeping them private and without sending any data to a third-party security service
provider.
The Solution
SpectralOps serves BOK Financial’s regulatory requirements as both a preventative and a
monitoring solution for potential leaks and Cloud misconfigurations. Thanks to the ease of
implementation and integration of SpectralOps tools, BOK Financial security and development
teams had Spectral automated in the GitLab CI and continuously scanning the entire codebase.
All within just 24 hours.
SpectralOps was implemented as part of the coding process. Thus, it was able to identify issues
very early in the process, long before code is reviewed and pushed into the production
environment.
The Results
BOK Financial implemented a code security solution to protect against supply chain
attacks while keeping code assets private and secure only on company-owned servers
and environments.
By integrating SpectralOps into the software development process and automating code
security from the core, BOK Financial were able to shift security left in the SDLC.
Spectral was able to significantly move the needle on 2 significant areas: securing our code from supply chain attacks and shifting the information left in the security stack
About Spectral
Spectral is a lightning-fast, developer-first cybersecurity solution that secures source code and
other developer assets. It finds and protects against harmful security errors in code,
configurations, and other artifacts. Spectral employs the first hybrid scanning engine, combining
AI and hundreds of detectors, ensuring developers can code confidently while protecting
companies from high-cost mistakes.
Spectral is free to try
Get in touch to start mitigating risk as soon as coding time