Case Study

Security and Disaster Recovery

At TM Grupo Inmobiliario they are very aware of the importance of security. That’s why we were given the task of improving the security of their website. Web portals are the first point of entry and the place where the organisation’s security is tested.

DETAILS

Company: TM Grupo Inmobiliario

TM Grupo Inmobiliario - Elige tu casa, elige tu vida

Current State Analysis 

Web Platform Components 

  • All critical components, including web servers, databases, and application frameworks, have been identified. 
  • An evaluation of the current versions and applied security patches has been conducted. 

Update Process 

  • A structured process is in place to ensure that all components are regularly updated with the latest security patches. 

Re-architecture of the Web Platform 

  • A re-architecture initiative has been undertaken to enhance both security and scalability. 

Deployment of New Services 

  • New services have been deployed, including a Content Delivery Network (CDN) for improved performance and availability, as well as a Web Application Firewall (WAF) to protect against vulnerabilities and attacks. 

Availability and Security Testing 

  • Regular availability and security tests are performed to ensure reliability and ongoing protection against threats. 

Proposed Enhanced Architecture 

AWS Infrastructure 

  • Continue leveraging AWS for its robustness and scalability. 
  • Deploy EC2 instances for web servers and utilize RDS for databases, ensuring proper security configurations and automated backups. 

Microservices Architecture 

  • Maintain a microservices architecture to enhance flexibility and isolate critical components. 
  • Use Docker containers managed with Amazon ECS (Elastic Container Service) to simplify management and scalability of microservices. 

Enhanced Security Measures 

  • Implement AWS IAM (Identity and Access Management) for granular access control and enforce the principle of least privilege. 
  • Utilize AWS WAF to protect web applications from known vulnerabilities and common attacks, fine-tuning rules to match the specific traffic patterns of the website. 

CDN Integration 

  • Configure AWS CloudFront as a CDN to optimize the delivery of both static and dynamic content, improving site loading speed and reducing latency for end-users. 

Monitoring and Incident Management 

  • Deploy AWS CloudWatch for real-time monitoring of key performance and security metrics. 
  • Set up alerts for security events and establish an incident response plan to quickly mitigate any threats or intrusions. 

 

Following the development of the project, the increase in security was significantly increased and this increase was validated by an Ethical Hacking Audit.

Close and constant treatment at all times to improve the business.

We are very satisfied with the service, we feel very accompanied in all operations, we receive excellent and fast attention, in fact it is a service we recommend. Cloud Levante for us has been a fundamental pillar in the deployment of all our group websites on the AWS platform.

Gabriel De Bonis

CTO, TM Grupo Inmobiliario

REQUEST A PROOF OF CONCEPT

Shall We Talk?

Contact us to find out how technology can help people looking to drive their business.

Office

Alicante Science Park, 03005 Alicante, Spain