bizibox Security Enhancement with AWS and Automat-it

Automat-it is our one-stop-shop for all our cloud business needs. They do a phenomenal job in providing migration services, support and more.

bizibox was established with the aim of providing business owners, accountants and tax consultants with a user-friendly, simple system that delivers a professional solution to their financial and business analysis needs.

With bizibox, business owners can view the most recent bank account and credit card activity, and the business’s up-to-date financial information, simply by clicking a button on their mobile or PC, allowing them to make the best decisions for the business.

As a fintech company, security is a high priority. Following a period of ongoing growth, bizibox decided to review the current security architecture to ensure it meets current standards and best practices. Automat-it, being a well-recognized AWS partner in the security vertical with its own Cloud Center of Excellence with a focus on security, was a natural choice.

The highlights of the implemented solution are:

  1. Infrastructure hardening and templating. This ensures easy, secure scalability and data security even when access is compromised.
  2. Encryption of all layers.
  3. Security monitoring via Palo Alto Prisma Cloud.

The solution utilizes Amazon Aurora PostgreSQL-Compatible Edition as the centralized, scalable database engine and Amazon ElastiCache (Redis OSS) for the caching needs. Most of bizibox’s workloads are hosted by Amazon Elastic Kubernetes Service (Amazon EKS), with the addition of the Amazon Elastic File System (Amazon EFS) for shared data processing.

AWS Lambda is used to perform event-driven data processing actions that are part of a complex ETL pipeline, orchestrated by Amazon Simple Queue Service (Amazon SQS) and Amazon Simple Notification Service (Amazon SNS). As part of the solution, Automat-it also conducted a Well-Architected Review and Remediation. 

Automat-it implemented Amazon CloudWatch and New Relic for monitoring and tracing applications and infrastructure, and also provides a 24/7 NOC service for incident management. Monitoring is configured for key infrastructure metrics such as CPU, memory usage and traffic, for application business metrics, and for application performance tracing and logging.

As part of Operations Management, Automat-it implemented an Infrastructure as Code approach for bizibox. All Terraform code is stored in a centralized Git repository following the git flow best practices for change and patch management, so all infrastructure changes go through approval and review chains. These changes are also integrated with ITSM processes. bizibox has a dedicated AWS Organizations organization to control AWS accounts and manage billing and security aspects.

The AWS Well-Architected Review is performed regularly to ensure continuous compliance with security best practices. The extensive compliance reports are regularly generated and evaluated by the bizibox security team using Palo Alto Prisma Cloud.

Automat-it also acts as a FinOps expert for bizibox. This includes regular cost optimization reports and ongoing monitoring. As a result, underutilized resources are identified and handled, various commitments are made (such as Reserved Instances and Savings Plans), storage usage is optimized, alerts on unexpected service usage are tracked, and more.

Benefits:

  1. A secured solution according to the latest best practices.
  2. Security issue detection and prevention.
  3. ISO 27001 and ISO 27799 certifications.
  4. Ongoing FinOps services.