bizibox Security Enhancement with AWS and Automat-it

Table of Contents

Automat-it is our one-stop-shop for all our cloud business needs. They do a phenomenal job in providing migration services, support and more

bizibox was established with the aim of providing business owners, accountants and tax consultants with a user-friendly, simple system that delivers a professional solution to their financial and business analysis needs. With bizibox, business owners can view the most recent bank account and credit card activity, and the business’s up-to-date financial information, simply by clicking a button, on your mobile or PC – allowing them to make the best decisions for the business.

As a fintech startup, security is always a mandatory requirement. With the growth over time, bizibox decided to review the current security architecture and ensure it meets current standards and best practices. Automat-it, being a well-recognized AWS partner in the security vertical and having a Cloud Center of Excellence with a focus on security, was a natural choice.

The highlights of the implemented solution are:

  1. Infrastructure hardening and templating. This ensures easy secured scalability and data security even when access is compromised.
  2. Encryption of all layers.
  3. Security monitoring via Palo Alto Prisma Cloud

The solution utilizes Amazon Aurora PostgreSQL as the centralized, scalable database engine and Amazon ElastiCache for Redis for the caching needs. Most of bizibox’s workloads are hosted by Amazon Elastic Kubernetes Services, with the addition of the Amazon Elastic File System for shared data processing. AWS Lambda is used to perform event-driven data processing actions that are part of a complex ETL pipeline, orchestrated by Amazon Simple Queue Service and Amazon Simple Notification Service. As part of the solution, Automat-it also conducted a Well-Architected Review and Remediation. The Well-Architected Review is performed regularly to ensure continuous compliance with security best practices.

Benefits:

  1. A secured solution according to the latest best practices.
  2. Security issues detection and prevention.
  3. ISO27001 and ISO27799 certifications.