Recap of Financial Services Roundtable with IBM, Deutsche Bank, and Stash

The role of real-time observability for banks and financial service providers

July 20th, 2020

Humio’s Morten Gram and IBM’s Joerg Kleine-Gung co-host a Financial Services Roundtable with representatives from Deutsche Bank and Stash, giving attendees an insider’s view into how live observability speeds up services and cuts costs for financial service providers. Both companies use Humio’s log management to get an accurate live picture of their systems and have a central location to diagnose and troubleshoot issues.

These two customer stories – one from a Fintech startup and one from an established international bank – show the versatility of Humio as it provides benefits for both public-facing cloud environments and self-hosted internal structures. Deutsche Bank primarily uses Humio to augment observability for their SIEM for their Fixed Income and Currencies (FIC) systems, while Stash uses it to boost development and security work for their retail banking systems.

How Banks and Fintech use Humio

If you have the logs in one place you can identify it in a minute, if not, you can spend hours on this honestly.
Evgeniy Balenko

Head of FIC DevOps/SRE at Deutsche Bank

Representing Deutsche Bank, Evgeniy Balenko, Head of FIC DevOps/SRE, provides a window into what it takes to meet financial regulatory requirements in Russia. Apparently, there are no statutes of limitation on liability, so ideally you want to keep records of everything indefinitely. Fortunately, Humio’s advanced compression of log data by 5-20x systematically reduces how much they have to spend on storage servers.

We find it very valuable on the operations side and the security side. With regards to threat-hunting, it is very valuable for us to do proactive engagement. Humio is a big part of that.
Gavin Grisamore

VP Head of Information Security at Stash

Evgeniy sums up the vital benefit of centralized logging in a clear message as an easy means of debugging and finding the root causes of performance or security issues.

Representing Stash, Gavin Grisamore explains how his company faces challenges gaining observability due to the event-driven, service-oriented nature of their architecture. In their system, operations and security teams in particular need a centralized place to go to assess problems in their system. Log management plays a vital role in the face of complexity. Because their mobile banking app serves a variety of customers of IOS, Android and web, Stash needs to pull logs from a variety of proxy endpoints.

Real-time logging is vital for financial services

It’s not just about collecting all the logs centrally. Both Gavin and Evgeniy agree that for their financial service organizations, real-time access to those logs is vital. Evgeniy relates how a simple five-minute delay can be multiplied by how many systems you have. If you have 100 systems, it ends up being a 500-minute delay, at which point you don’t have an accurate on-time idea of what is going on in your system.

Gavin expands on this concept, noting that there are human time infrastructure costs that are affected by a delay in data and that the most important thing is reacting to errors before they affect customer experience. Without log management, Evgeniy notes that conference calls may be required with the heads of other departments to get access to the right data.

Examining the challenges of monitoring

“You don’t know what you’re going to need in a security incident. A lot of effort is going into logging more so you don’t have to make those tradeoffs.”
Gavin Grisamore

VP Head of Information Security at Stash

There are several factors driving the complex systems financial services must contend with to achieve observability. DevOps culture has accelerated production speed while making observability an afterthought. In order to keep pace, operations and security teams need simple and flexible monitoring tools that can be easily inserted into the equation.

Gavin and Evgeniy explore the nature of trading off costs of logging everything vs. not having valuable data when you need it. Gavin shares a story of how he was investigating an incident he needed data about a data exfiltration that happened four days in the past, and he only had three days of network data retention. Evgeniy tells a similar story of how his company needed data from years ago to prove they charged certain rates for transactions. He couldn’t find it, and it cost his company financially.

There is a sliding scale of data collection from data-rich network logs, including NetFlow logs, and system logs. Companies have quite a lot of control over how much they collect. Ideally, they should be able to log everything. Realistically, many make a judgment call about how much to log because it costs them storage space and money. Humio is an ideal solution because it facilitates maximum logging.

With Humio, you can set it and forget.
Evgeniy Balenko

Head of FIC DevOps/SRE at Deutsche Bank

Open-source monitoring software is not only storage-hungry, but it often requires a massive maintenance lift. Evgeniy reflects on the human costs of running an ELK stack. His team needed work on it every day, configuring replicas and preparing backups for when the primary server is down. With Humio, there is virtually no maintenance time.

Migrating to a new log management solution is easier with Humio. Stash simplified their transition by decoupling their log storage from their log shipping technology in advance of their move. Humio is platform agnostic when it comes to log shippers. It simply works with your previous solutions.

Explore more of the challenges these two financial institutions face and how they overcome them by using Humio log management by watching the on-demand recording of our Financial Services Roundtable.

Read about how Humio’s cost-saving, flexible features that make it the preferred log management for financial institutions in one of our case studies: M1 Finance, SpareBank 1, and Lunar.

Hear the story of how M1 Finance found Humio to be an indispensable tool before their free trial was up in our podcast: Humio at M1 Finance with Steven Gall.

Get started with your own free 30-day trial of Humio.