Case Study
Security and Disaster Recovery
At TM Grupo Inmobiliario they are very aware of the importance of security. That’s why we were given the task of improving the security of their website. Web portals are the first point of entry and the place where the organisation’s security is tested.
DETAILS
Company: TM Grupo Inmobiliario
Current State Analysis
Web Platform Components:
- All critical components such as web servers, databases, and application frameworks have been identified.
- Evaluation of current versions and applied security patches has been conducted.
Update Process:
- A structured process is in place to ensure all components are regularly updated with the latest security patches.
Re-architecture of the Web Platform:
- A re-architecture initiative has been undertaken to improve both security and scalability aspects.
Deployment of New Services:
- New services like CDN for enhanced performance and availability, and a Web Application Firewall (WAF) for protection against vulnerabilities and attacks, have been deployed.
Availability and Security Testing:
- Regular availability and security tests have been performed to ensure reliability and ongoing protection against threats.
Proposed Enhanced Architecture
AWS Infrastructure:
- Continue leveraging AWS for its robustness and scalability capabilities.
- Deploy EC2 instances for web servers and utilize RDS for databases, ensuring proper security configurations and automated backups.
Microservices Architecture:
- Maintain the microservices architecture to enhance flexibility and isolation of critical components.
- Use Docker containers managed with ECS (Elastic Container Service) to simplify management and scalability of microservices.
Enhanced Security Measures:
- Implement AWS IAM (Identity and Access Management) for granular access control and enforce least privilege principles.
- Utilize AWS WAF to protect web applications from known vulnerabilities and common attacks, fine-tuning rules to match specific traffic patterns of the website.
CDN Integration:
- Configure AWS CloudFront as a CDN to optimize delivery of both static and dynamic content, improving site loading speed and reducing latency for end-users.
Monitoring and Incident Management:
- Deploy AWS CloudWatch for real-time monitoring of key performance and security metrics.
- Set up alerts for security events and establish an incident response plan to quickly mitigate any threats or intrusions.
Benefits and Expected Outcomes
Continuous Security
The implementation of this enhanced architecture and additional security measures will provide robust protection against known and emerging threats.
Increased Availability
Adoption of technologies like CDN and efficient management of microservices with containers will enhance operational efficiency and service availability.
Best Practices
Compliance with security standards such as OWASP and conducting regular audits will ensure the platform aligns with industry best security practices.
Following the development of the project, the increase in security was significantly increased and this increase was validated by an Ethical Hacking Audit.
Close and constant treatment at all times to improve the business.
We are very satisfied with the service, we feel very accompanied in all operations, we receive excellent and fast attention, in fact it is a service we recommend. Cloud Levante for us has been a fundamental pillar in the deployment of all our group websites on the AWS platform.
REQUEST A PROOF OF CONCEPT
Shall we talk?
Contact us and find out how technology helps people who want to boost their business.
Office
Alicante Science Park (UA campus extension) Alicante, 03005, Spain
