About the customer
ICICI Securities Ltd is a technology-based firm offering a wide range of financial services including investment banking, institutional broking, retail broking, private wealth management, and financial product distribution.
Customer challenge
- ICICI Securities faced the failure to apply Data Security, Security patches and Network Security that leave systems vulnerable in ISEC infrastructure.
- ICICI Securities requires secured infrastructure, Secure data for AWS to prevent threats, unauthorized access, DDOS attack prevention, visibility of actual user source IPs.
- They seek to establish comprehensive and multi-layered security framework, Data cipher tool that provide complete secured infrastructure.
Our solution
ACC proposed solution to mitigate this security threat effectively, we establish a comprehensive and well-structured patch management process.
Security Patches:- We have integrated manage engine tool with AWS Infra to remove vulnerabilities to securing the OS where all AWS servers connect to Manage engine for the patching.
We kept regular monitoring for updates, timely testing, and deployment. It was essential for us to prioritize patches based on their criticality, apply them promptly,
We had a contingency plan in case any issues arise. Automated patch management tools streamline this process and we ensure that known vulnerabilities are addressed promptly.
Data Security:- Thales has been integrated for the encryption to secure the data. Thales integrated with one of the AWS account which is work as a centralized KMS solution.
For all linked account keys will be create in centralized KMS account and which will used by all account resources.
Network Security:- ACC had proposed and implemented the robust multi-layered security framework by integrating Palo alto for traffic security, F5 WAF for URL filtering,
Proxy for Egress traffic inspection and security control where all the network resources implemented with HA solution.
Third party applications or solutions used
Yes, we have used 3rd part tools in few of the cases. We have use Palo Alto, F5 Networks, Thales, Manage Engine, Zabbix tool for monitoring
AWS services used
We have used many AWS services like:
AWS IAM
Amazon S3
AWS WAF
AWS TGW
Amazon VPC
AWS EC2.
Results and benefits
The outcome of implementing the solution for a robust patch management strategy using a combination of AWS services and third-party tools for an AWS infrastructure is a significantly enhanced security posture, improved system reliability, and reduced vulnerability to cyber threats.
- The solution not only addressed the immediate vulnerabilities but also established a complete secured infrastructure for ICICI Securities on AWS. This encompassed the implementation of a data cipher tool to ensure end-to-end encryption and a multi-layered security framework that fortified the AWS environment against potential threats and unauthorized access attempts.
- By achieving these outcomes, ICICI Securities successfully strengthened its security measures, ensured data integrity, and established a robust framework for safeguarding their infrastructure within the AWS environment.
About ACC
ACC is an AWS Advance Partner with AWS Mobility Competency. Awarded The Best BFSI industry Consulting Partner for the year 2019, ACC has had several successful cloud migration and application development projects to its credit. Our business offerings include Digitalisation, Cloud Services, Product Engineering, Big Data & Analytics and Cloud Security. ACC has developed several products to its credit. These include Ottohm – Enterprise Video and OTT Platform, Atlas API – API Management and Development Platform, Atlas CLM – Cloud Life Cycle Management, Atlas HCM – HR Digital Onboarding and Employee Management, Atlas ITSM – Vendor Onboarding and Service Management and Smart Contracts – Contract Automation and Management.