Source URL: https://cloud.google.com/blog/products/chrome-enterprise/how-cake-vietnams-leading-digital-bank-found-the-right-mix-of-simplicity-and-security-with-chromeos-and-chrome-enterprise/
Source: Cloud Blog
Title: How Cake, Vietnam’s leading digital bank, found the right mix of simplicity and security with ChromeOS and Chrome Enterprise
Feedly Summary: Editor’s note: Today’s post is by Hiển Từ Thế (Jay), Chief Technology Officer for Cake Digital Bank, a prominent digital-only bank in Vietnam offering a comprehensive suite of financial services entirely through its mobile application. As a technology forward company, they chose ChromeOS to support staff with seamless deployment, ease of management, and streamlined security tasks.What does it take to be a successful digital bank? For Cake, Vietnam’s largest digital bank, it means thinking like a technology company first. Launched in 2021, Cake has rapidly emerged as a key player in the country’s burgeoning fintech landscape, reaching profitability in just a few years—a milestone achieved by only the top 5% of digital banks worldwide.As a technology-driven bank, we constantly navigate the need to stay secure and compliant while continuing to innovate. To address this challenge, we adopted a more flexible approach—one in which ChromeOS and Chrome Enterprise supported our transition.Being a leading digital bank in Vietnam, with an average increase of more than 30% in the number of customers each year, while still having to comply with risk management and banking regulations, we face many challenges in IT system management such as growth rate, product and service diversification, flexible expansion, maximum security and safety. We needed a solution that was secure, easy to manage, and empowered our employees to do their best work without friction.Securing enterprise browsing from the startWe began by deploying Chrome Enterprise to ensure secure access to corporate apps across all employee devices. With built-in protections like Safe Browsing, sandboxing, file scanning, and password alerts, Chrome Enterprise helps us reduce risk from malicious sites, downloads, and unsafe user behaviors.To meet more advanced needs, we adopted Chrome Enterprise Premium, which lets us enforce centralized access controls, data loss prevention, and real-time protection against threats like phishing and ransomware. We also apply context-aware access policies based on identity, location, and network to support a zero-trust security model.Extending protection with cloud-first devicesWe took the next step by rolling out Chromebooks, which run on a read-only OS that blocks executables—minimizing ransomware risk and reducing our attack surface. ChromeOS adds another layer of protection with sandboxing, device-level DLP policies, and seamless automatic updates that don’t disrupt work.We also used ChromeOS Flex, a no-cost cloud-first OS offered by Google, to convert and revitalize our existing PCs and Macs—no new hardware required. In a short period of time, we only needed one IT staff to convert 50 devices. The process was fast, cost-effective, and easy for employees, with no extensive training needed. We started with frontline, support, and back-office teams, and the results were immediate.The results speak for themselvesBy implementing Chrome Enterprise and ChromeOS, we didn’t just solve our security and management challenges—we enhanced our entire model.Chrome Enterprise enhances our data security by centralizing control within the browser. This approach prevents sensitive information from being stored on local machines, significantly reducing the risk of data leakage. Through browser settings and Chrome Enterprise policies, we can effectively manage data, control access, and remotely configure settings such as device controls and screen lock, ensuring our secure data remains protected.Streamlined bank audits and empowered ITThe read-only nature of ChromeOS makes navigating our rigorous bank audits and achieving certifications like ISO and BCIS significantly easier. Furthermore, our lean IT team is more empowered than ever. Using policy as code templates, we can make sure the same protections and access restrictions are applied to everyone. Our team can deploy and manage our entire fleet with incredible efficiency. With ChromeOS, we don’t have data stored locally on our devices and it is very easy to control and manage the flow of company information as there is no data going out.Chrome Enterprise and ChromeOS provide an integrated and secure stack that aligns with our tech-forward mission. The Google Admin console offers centralized control over all device and browser settings, enabling us to enforce policies, audit compliance, and safeguard our data with ease. By utilizing pre-configured templates, we eliminate complex setups and ensure consistent policy application across all users and devices.Foundation for the future of fintechFor us, choosing ChromeOS and Chrome Enterprise wasn’t just a technical upgrade; it was a business decision that gave us peace of mind while reinforcing our identity. It allows us to attract top talent with a modern, flexible work environment while assuring regulators and customers that their security is our top priority. As we continue to pioneer the future of banking in Southeast Asia, our journey proves that with the right tools, you really can have a flexible working environment while maintaining security compliance in the fintech space.
AI Summary and Description: Yes
Summary: The text discusses Cake Digital Bank’s strategic adoption of ChromeOS and Chrome Enterprise to enhance security and compliance while fostering innovation in the fintech landscape of Vietnam. This focus on security measures such as zero-trust, data loss prevention, and risk management highlights important insights for professionals in the fields of cloud computing and security.
Detailed Description: The text outlines Cake Digital Bank’s technological evolution as a digital-only bank in Vietnam and the critical role of security and compliance in their operations. Here are the major points:
– **Company Overview**:
– Cake Digital Bank operates entirely through a mobile application.
– Launched in 2021, it has quickly become a significant contender in Vietnam’s fintech market, achieving profitability within a few years, a feat accomplished by only a small percentage of digital banks globally.
– **Security and Compliance Challenges**:
– As the bank grows, it faces challenges such as maintaining security while complying with banking regulations and managing IT systems effectively amidst rapid customer growth.
– **Deployment of Chrome Enterprise**:
– The bank initially deployed Chrome Enterprise for secure access to corporate applications on all employee devices.
– Key features included built-in protections like Safe Browsing, sandboxing, and password alerts, aimed at reducing risks related to malicious sites and unsafe behavior.
– **Advanced Security Needs**:
– Cake moved to Chrome Enterprise Premium for more robust security measures, including centralized access controls and real-time threat protection against phishing and ransomware.
– The implementation of context-aware access policies aligned with a zero-trust security model.
– **Introduction of Cloud-first Devices**:
– Rolling out Chromebooks running on a read-only OS minimized ransomware risk and expanded security by reducing the attack surface.
– The implementation of ChromeOS Flex allowed the bank to convert existing devices cost-effectively, significantly cutting down the time and resources needed for IT maintenance.
– **Impact on Operations**:
– By implementing Chrome solutions, the bank improved its overall management model and data security.
– Centralized control prevents sensitive data from being stored locally, thus mitigating the risk of data leakage.
– **Compliance and Auditing**:
– The read-only nature of ChromeOS supports easier navigation through rigorous bank audits and accreditation processes.
– The bank’s lean IT team was empowered to efficiently manage device fleets and security policies thanks to policy as code templates.
– **Long-term Vision**:
– Utilizing ChromeOS and Chrome Enterprise is framed not just as a technical upgrade but as a strategic business move to enhance workplace flexibility while ensuring security compliance.
– The bank aims to lead in the fintech sector in Southeast Asia, demonstrating that security and innovative work environments can coexist.
Bullet Points:
– Adoption of ChromeOS for improved security and management in a digital banking environment.
– Focus on zero-trust models and centralized data controls to minimize risks.
– Emphasis on cost-effective transitions and employee empowerment through technology.
– Achievements in compliance and audit facilitation through modernized IT practices.
– Commitment to maintaining a secure, flexible working environment to attract talent and assure stakeholders.
In summary, Cake Digital Bank’s experience provides valuable insights for security and compliance professionals in fintech and beyond, illustrating the effective integration of modern technology into banking operations while addressing critical security challenges.