ValidSoft Limited - Biometric Software
Well-Architecture
Validsfot.com ValidSoft secures transactions with services that are incredibly simple for the user. ValidSoft remove the need for PINs, passwords, and security questions. Built around voice biometrics, multi-factor authentication protects Online, Smartphone, Card and Telephone transactions. ValidSoft work in the Enterprise, Financial Services and Government sectors.
Customer Challenges
This work is planned to be delivered on multiple phases.
ValidSoft, unexpected business growth, increased the needed to expand additional biometrics product services and expanding their hosting to
to use other AWS Services i.e. containers . Meeting with the business demand and expansions, Validosft was looking to establish a report based on Well-Architected review for AWS accounts, Main challenges for Validsoft were around controls around AWS accounts, i.e. human Identities, administrators, developers, operators, and consumers (third parties) for their applications that require an identity to access AWS environments and applications. Other challenges with use of strong sign-in mechanisms, i.e. enforce minimum password length, and educate your users to avoid common or reused passwords. Enforce multi-factor authentication (MFA) with software or hardware mechanisms to provide an additional layer of verification.
Our Solution
CloudiQS team carried out a Well-Architected Review (WAR) to ensure Validsoft AWS environment is aligned to best practice against the five pillars of the AWS Well-Architected Framework.
We recommended several remediation actions that corresponded with each of the following pillars:
- Operational excellence
- Reliability
- Cost optimisation
- Security
- Performance efficiency
As an AWS Partner, we perform Well-Architected reviews for ValidSoft AWS accounts and we identify urgent attention for “Security Pillar”
The Results
After working through the AWS WAR tool, CloudiQS team identified some high-risk items across two production workloads and Dev environment
CloudiQS then worked closely with ValidSoft team DevOps team to address these issues.
ValidSoft implemented some of our recommendations using their internal resources, and then CloudiQS to resolved those where in house expertise was available to resolve. Overall view:
- Force MFA authentications for all IAM users (portal login & CLI)
- Created least privileges custom build IAM Polices for least privileges for relevant teams
- Enabling MFA guard duty to protect ValidSoft infrastructure, and Software.
- Advised to enabling WAF and AWS Shield to protect against SQL injections and DDoS attacks for the web interfaces software’s.
All the above actions marked the completion of first phase of the project,
Next phase is to review the DevOps pipelines and build a new pipelines for the building AKS / AWS Fargate
Modernise your workplace with AWS Cloud technology
Whatever your challenge, we’re ready to help you solve it with our cloud strategy consulting services. Call our experts to discover how technology can work harder to drive your success.
