Challenges

The client faced challenges in strengthening their security posture to protect their AWS accounts and workloads from malicious activities and unauthorized access. They needed to enhance their threat detection and incident response capabilities. Additionally, they had multiple AWS accounts without a centralized network or single sign-on (SSO) integration, which made streamlined access management a challenge. Maintaining compliance with security standards and enforcing best practices were also essential requirements.

Searce Solution

Searce implemented a highly available, comprehensive, and robust security architecture, significantly strengthening security, protecting reputation, and ensuring trust & compliance. Here's how:

• Governance & Management Modernization
  • Deployed AWS Control Tower-based Landing Zone for fully automated governance
  • Ensured logical separation of environments and applications by using separate Accounts
  • Configured AWS Config Rules with auto-remediation rules
  • Introduced AWS SSO integrated with Active Directory and implemented least RBAC using Users/Groups
• Network Security and Perimeter Controls - Rationalization
  • Created Inspection VPC (Hub) for all communication within AWS, on-premise, and extended branch offices using Transit Gateway
  • Implemented IDS and IPS by using AWS Network Firewall in Inspection VPC
  • Created AWS WAF and implemented ACL in front of the application load balancer to restrict cross-site and SQL injection attacks
• Workload Security Controls - Safeguarding
  • Customized firewall rules - AWS network access control lists (NACLs) and Security groups based on each tier
  • Ensured all encrypted data was at Rest by using AWS key management service (KMS) and data in Transit by enabling transport layer security (TLS) communication in each tier
  • Implemented Host-Based Vulnerability Scanning - implemented AWS Inspector integrated with SSM for regular Host and Network Assessment
  • Implemented and Integrated CyberArk with the EC2 for Securely logging into EC2 instances
• Automated Deployments leveraging security - Streamlining
  • Rolled out highly secure DevSecOps into the deployment process
  • Built AWS CodePipeline using AWS Native Services
  • Introduced Application Scanning tools into the deployment process
  • Pushed the deployment logs to SecurityHub for Dashboarding and reporting

Business Impact

• Enhanced Customer Trust: Robust security measures strengthened end-customer confidence, increasing client retention and new customer acquisition.
• Regulatory Compliance: Achieved PCI-DSS compliance, enhancing the organization's reputation.
• Risk Mitigation: Enhanced threat detection and incident response reduced the risk of data breaches and unauthorized access, minimizing financial and reputational losses.
• Operational Efficiency: Centralized network management and SSO integration simplified access across AWS accounts, reducing overhead and boosting efficiency.

About the Client

The client is a global Assistance and Travel Insurance leader, providing coverage and support across more than 200 countries. Their services include emergency assistance, travel insurance, and various support solutions for individuals and businesses. The organization is known for its extensive network and expertise in delivering timely and reliable assistance worldwide.