We are pleased to announce general availability of the expanded Blueprint for Federal Financial Institution Examination Council (FFIEC) regulated workloads. As more financial services customers moving to the Azure cloud platform, we wanted to expand the Blueprint to explain how to deploy four different reference architectures in a secure and compliant way. It also takes the guesswork out of figuring out what security controls Microsoft implements on your behalf when you build on Azure, and how to implement the customer-responsible security controls.
We have built an end-to-end solution for moving compliant workloads to Azure, and reducing the time required to do so, leveraging Microsoft’s experience in working with banks in the U.S. and around the globe. Why start from scratch when you don’t have to? This Blueprint provides guidance for the deployment of PaaS Web Applications, IaaS Web Applications, Data Analytics, and Data Warehouse architecture in Azure suitable for the collection, storage, and retrieval of sensitive financial data regulated by the FFIEC.
The FFIEC Blueprint now consists of:
- Four reference architectures, with supporting deployment guidance
- Threat models to understand the points of potential risk
- Security control implementation mappings which describes how the reference architecture supports each control
- Customer responsibility matrix which details the implementation of each objective is the responsibility of Microsoft, the customer, or both