DBS Provisions + Secures More Infrastructure with Puppet-Powered Self-Service

DBS Bank Limited is a Singapore-based financial services group regularly named one of the world’s best and safest banks by Global Finance, The Banker, and Euromoney. It also boasts “AA-” and “Aa1” credit ratings, among the highest in the world. The financial services leader relies on Puppet to automate and orchestrate vital functions that let their team scale hybrid infrastructure spanning six countries and public cloud.

Benefits of Using Puppet:

Reduced provisioning turnaround from days to minutes.

Created a self-service platform to let admins build, run, and manage infrastructure.

Streamlined infrastructure readiness checks, including security hardening.

Reduced config remediation effort from 13 staff to three, freeing up valuable time.

Challenge: Manual Tasks, Disparate Methods + Time-Consuming Compliance

Prior to Puppet, non-standard processes introduced error, delays, security risks, and noncompliance into DBS’s infrastructure provisioning and management processes. Additionally, sysadmins lacked the coding skills needed to develop applications for service consumption. In place of self-service, a complex provisioning process required sysadmins to fill out over 1,400 form fields on over 30 forms across more than 20 portals – and then wait up to 3 days, depending on the complexity of the request.

“Overall, it’s not a joyful experience for developers and the operations team,” said Jit Soon Koh, Regional Head, Service Delivery Engineer-Systems Admin/Engineering at DBS.

Watch DBS Bank’s Presentation at Puppetize Digital

Security configuration management was also a manual process at DBS. To meet heavily customized compliance requirements, a team of 13 would regularly generate and review reports and remediate configurations between cycles – an already lengthy process that took more and more time to manage as the number of servers increased each year.

Results: Faster Work, More Secure Infrastructure + Better DevOps ROI

“Infrastructure delivery and setup was at our fastest – or so we thought. We have reduced overall turnaround time from months to weeks.”

Jit Soon Koh, Regional Head, Service Delivery Engineer-Systems Admin/Engineering at DBS

Puppet underpins DBS’s proprietary self-service and security configuration management frameworks at scale. With Puppet, DBS...

  • Simplified those cumbersome form inputs.
  • Increased efficiency by removing coding work from sysadmins’ plates.
  • Reduced turnaround times by standardized the provisioning process.
  • Automated common IT tasks to let teams focus on initiatives that matter most to the organization.
  • Created the Technology Marketplace, a self-service portal between end users and underlying infrastructure, where users can build, run, and manage infrastructure. The portal makes over 175 products available to users, including AppSys for application tasks and SecureSys for security configuration management.

AppSys: Application Self-Service for System Management

AppSys is an application self-service portal that DBS uses to automate end-to-end delivery of infrastructure components, with Puppet as the main automation engine.

AppSys tasks are categorized into filesystem services (storage), ID management (ID groups, password vaults), system services (OS config, services, and restarts), and software services (installation management). With AppSys, tasks that took weeks to complete are now completed in days.

SecureSys: Security Configuration Management

To meet their security configuration management goals, DBS developed an in-house security system, SecureSys, to enforce security conformance end-to-end. Built on Puppet automation, SecureSys serves as the overarching framework that underpins their automation. Puppet Enterprise acts as the automation orchestrator engine and serves as the backend support for all other components.

With Puppet Enterprise, DBS has made significant progress with their SecureSys framework, moving from monolithic and manual configuration management to an automated and scalable solution. They have seen substantial benefits:

  • Staff effort reduced from 13 to three
  • Auto-healing drift from mandatory configurations
  • Real-time report generation with scans running every 30 minutes
  • Streamlined deviation handling alongside baseline enforcement

With all these frameworks in place, DBS is set to keep pace with the ever-changing needs of their ever-growing organization.

What Would You Do with Puppet?

You could be the next case study for increasing efficiency, removing bottlenecks, and reaching DevOps excellence with Puppet. Get in touch with us to find out how.