{"id":75970,"date":"2026-04-29T10:15:58","date_gmt":"2026-04-29T10:15:58","guid":{"rendered":"https:\/\/www.cloudthat.com\/resources\/?post_type=resources&#038;p=75970"},"modified":"2026-04-29T10:15:58","modified_gmt":"2026-04-29T10:15:58","slug":"eliminating-critical-infrastructure-gaps-to-achieve-100-environment-isolation-and-regulatory-aligned-gcp-modernization","status":"publish","type":"resources","link":"https:\/\/www.cloudthat.com\/resources\/case-study\/eliminating-critical-infrastructure-gaps-to-achieve-100-environment-isolation-and-regulatory-aligned-gcp-modernization","title":{"rendered":"Eliminating Critical Infrastructure Gaps to Achieve 100% Environment Isolation and Regulatory-Aligned GCP Modernization"},"content":{"rendered":"<p>The client is a BSE and NSE-listed, diversified Indian financial services group headquartered in Mumbai with over five decades of experience. Its businesses span Corporate Advisory and Capital Markets, Wealth and Asset Management, Private Markets, and Affordable Home Loans, earning numerous national and international accolades for advisory expertise and execution capabilities.<\/p>\n","protected":false},"author":325,"featured_media":75971,"parent":0,"template":"","cat_resources":[6],"technology":[7216],"published_by":"325","primary-authors":["363","882"],"secondary-authors":["325"],"acf":{"banner_image":75972,"resources_label":"","download_url":"https:\/\/content.cloudthat.com\/resources\/wp-content\/uploads\/2026\/04\/JMFL-Case-Study.pdf","client_logo":"","highlights":{"first_part":{"icon":336,"title":"100%","subtitle":"Environment Isolation Achieved"},"second_part":{"icon":335,"title":"24 hours","subtitle":"Critical SCC vulnerability remediation SLA"},"third_part":{"icon":334,"title":"90 days","subtitle":"Automated Secret Rotation Cycle"}},"the_challenge":"The client faced critical operational and security gaps where UAT and Production workloads were co-hosted on the same VMs, deployments relied on manual Jenkins triggers and informal WhatsApp\/Email approvals with no SOPs, and automated OS patching was absent, with critical SCC findings left unresolved. Over-provisioned compute resources masked inefficiencies and inflated costs, while the entire cloud environment was confined to a single region with no disaster recovery mechanism.","client_testimonial":{"image":"","description":"","author":""},"solutions":"\u2022 Identified and decoupled UAT and Production workloads by establishing dedicated GCP Projects and VM instances to eliminate resource contention and security leaks.\r\n\u2022 Transitioned from manual user-based IAM to Role-Based Access Control (RBAC) using Google Workspace groups and implemented Workload Identity for GKE to replace long-lived service account JSON keys.\r\n\u2022 Configured GCP OS Patch Management to automate updates and integrated SCC alerts into Slack\/Jira to ensure Critical vulnerabilities are remediated within a 24-hour SLA.\r\n\u2022 Replaced manual triggers with a modern CI\/CD workflow using GitLab webhooks and mandatory automated testing (unit, integration, and security) to block unstable code from reaching Production.\r\n\u2022 Designed a Pilot Light DR architecture in the Delhi (asia-south2) region, utilizing Cloud DNS for rapid failover during regional outages.\r\n\u2022 Upgraded the network perimeter to an Active\/Active Palo Alto firewall configuration to ensure a high-availability posture.","the_results":"Achieved 100% environment isolation, real-time compliance visibility, automated secret rotation, cross-region DR readiness, and full SEBI regulatory alignment with standardized SOPs.","about_client_left_side":[{"field_63315a4dc06e1":"15085","field_63315a5bc06e2":"Industry\u00a0","field_63315a61c06e3":"Financial Services"},{"field_63315a4dc06e1":"15083","field_63315a5bc06e2":"Expertise\u00a0","field_63315a61c06e3":"Google Kubernetes Engine, Compute Engine, Cloud DNS, GCP OS Patch Management, Security Command Center (SCC)"},{"field_63315a4dc06e1":"15084","field_63315a5bc06e2":"Offerings\/solutions\u00a0","field_63315a61c06e3":"Comprehensive 6-Pillar GCP infrastructure assessment and modernization with environment segregation, security hardening, GitOps automation, and disaster recovery planning."}]},"_links":{"self":[{"href":"https:\/\/www.cloudthat.com\/resources\/wp-json\/wp\/v2\/resources\/75970"}],"collection":[{"href":"https:\/\/www.cloudthat.com\/resources\/wp-json\/wp\/v2\/resources"}],"about":[{"href":"https:\/\/www.cloudthat.com\/resources\/wp-json\/wp\/v2\/types\/resources"}],"author":[{"embeddable":true,"href":"https:\/\/www.cloudthat.com\/resources\/wp-json\/wp\/v2\/users\/325"}],"version-history":[{"count":2,"href":"https:\/\/www.cloudthat.com\/resources\/wp-json\/wp\/v2\/resources\/75970\/revisions"}],"predecessor-version":[{"id":75975,"href":"https:\/\/www.cloudthat.com\/resources\/wp-json\/wp\/v2\/resources\/75970\/revisions\/75975"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.cloudthat.com\/resources\/wp-json\/wp\/v2\/media\/75971"}],"wp:attachment":[{"href":"https:\/\/www.cloudthat.com\/resources\/wp-json\/wp\/v2\/media?parent=75970"}],"wp:term":[{"taxonomy":"cat_resources","embeddable":true,"href":"https:\/\/www.cloudthat.com\/resources\/wp-json\/wp\/v2\/cat_resources?post=75970"},{"taxonomy":"technology","embeddable":true,"href":"https:\/\/www.cloudthat.com\/resources\/wp-json\/wp\/v2\/technology?post=75970"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}