OVERVIEW

In 2017, Australia announced its groundbreaking Consumer Data Right (CDR), which gives consumers greater control over their data and allows them to share that data with accredited third parties. This opened a world of opportunity for innovation and new consumer offerings in Australia’s banking industry.

Adatree was created to be a catalyst for this innovation, helping alternative banks and fintechs ensure compliance with legislative requirements—including authentication, consent, and APIs—in short timeframes. With the continuous assurance of Trend Micro Cloud One™ – Conformity, Adatree removes barriers for its customers so they can focus on developing new products to better serve their consumers.

CHALLENGES

Before the CDR, four large banks held the majority of market share of banking in Australia. The CDR has opened the door to new opportunities for more fintech and alternative banks. But before those organizations can capitalize on these opportunities, they must obtain accredited data recipient status in the CDR ecosystem. The technical standards for accreditation are steep—similar to the standards for creating a new bank—and most of the new players lack the technical resources and expertise to meet the requirements.

The founders of Adatree recognized the need for open banking solutions that can help organizations achieve accreditation so they can participate in the CDR.

“Our customers’ greatest challenge is to ensure a compliant cloud environment in a heavily regulated industry. Some fintechs take shortcuts around security in order to get up and running quickly. In collaboration with Trend Micro, we enable them to continue to move fast by taking care of compliance,” says Shane Doolan, chief technology officer at Adatree.

As a new startup itself, Adatree needed a security and compliance partner that could help it clear the way for its clients quickly, reliably, and efficiently. The company sought a security solution that leveraged automation for cloud security posture management (CSPM). In addition, they wanted to work with a security vendor that had a strong partnership with Amazon Web Service (AWS).

WHY TREND

Before selecting Trend Micro, Adatree considered another vendor but found that its solution required manual processes and lacked other features Adatree desired. “Conformity was compelling because it includes automation and integrates with AWS services. Our auditor was already familiar with Conformity, as well. So right away it ticked a lot of boxes for us,” says Doolan.

“The roadmap for the future of Trend Micro was another selling point. It told us that Trend Micro is a company that invests in their tooling. I’m swayed by companies that can show us current state and our future state,” says Doolan.

The reputation of Trend Micro was also a key component in Adatree’s decision.

“With a small team, speed and time efficiency are critical. If there are companies out there that are experts in their field and can do things better and cheaper than we can on our own, we want to take advantage of that. Trend Micro shortened a lot of conversations for us,” says Jill Berry, chief executive officer at Adatree.

SOLUTION

With Conformity, which Adatree purchased through the Trend Micro Cloud One listing on AWS Marketplace, the company gained a CSPM solution which provides real-time monitoring of nearly 1,000 cloud service configuration rules with easy to follow step-bystep remediation guides. In addition to its integration with AWS, Conformity supports Microsoft Azure™, and Google Cloud Platform™.

“Continuous assurance from a trusted third party, Trend Micro, which includes real-time cloud service configuration scanning and alerting, is very beneficial to us. It adds value to our business immediately,” says Doolan.

The actionable intelligence lets Adatree immediately improve its security posture so it can offer its customers a fast track to CDR compliance.

Conformity was also easy to use and quick to deploy.

“It’s genuinely like running a cloud stack. Anyone who has worked with any kind of infrastructure could have this up and running in five minutes. Once it was deployed, we got full visibility into our cloud environments in five to 10 minutes,” says Doolan.

RESULTS

Conformity also simplifies reporting, enabling Adatree to generate a wide variety of rich, detailed reports on its cloud security posture quickly and with an accuracy of more than 95%. This makes it a valuable tool for meeting the auditing demands of the CDR and other standards.

The fact that Conformity integrates with existing Adatree workflows means that the company can generate ongoing time savings and avoid expensive maintenance over time.

“Since we didn’t build the Cloud Security Posture Management solution ourselves, it freed us to focus on other critical areas of our business,” says Berry.

Conformity also allows Adatree to focus on growing its customer base.

“We like things to be fast and easy. It’s about ease of use with the customer, ease of use to get it up and running, and even the billing. If we can deploy an environment in a number of hours, and our client can have a compliance report that’s green within minutes, that’s good for our customers and builds trust,” says Doolan