Xinja is Australia’s first crowdfunded mobile-based neobank who were granted their restricted banking license in December 2018. Xinja is well on its way to building an independent, 100% digital bank.

The challenge for our client

To apply for a banking licence under the Australian Prudential Regulation Authority (APRA) regulations, Xinja needed to ensure the security of customer data. Because it has no physical office infrastructure, Xinja sought our expertise in delivering an entirely cloud-based solution that would meet each of APRA’s strict requirements.

Our solution

Beginning with user identity, we implemented a cloud first Okta identity management solution to manage staff provisioning and application access controls for all Xinja applications and devices. Additionally, all corporate-owned and BYOD (Bring Your Own Device) devices were set up to be managed by the cloud-based Microsoft application Intune, providing a high degree of control for access, security patching and configuration.

To guard against data exfiltration from Xinja applications and cloud storage platforms, we implemented the Netskope Cloud Access Security Broker (CASB) platform to ensure data was secured both at rest and in transit. Netskope CASB works by configuring security policies for data blocking and access, and for training staff on usage of corporate data and policies.

Outcomes for our client

Whether Xinja staff are in their office or anywhere in the world, they can now access any applications needed, safe in the knowledge that all data are fully protected. Importantly, this means there is no need for any on premises infrastructure to manage the Xinja business.

Today, with one simple request, Xinja can provide or remove user access to all its systems and customer data. With our expert help, Xinja Finance has a workable solution that will meet the stringent APRA requirements necessary to apply for an Australian banking licence.