Establishing a Secure Foundation: Fortifying a Leading Life Insurance Company with Noventiq’s Managed Security Services
A prominent joint venture between a leading public sector bank and a global financial institution, provides a comprehensive range of life insurance products across individual and group space. Their products include life, health, online term plans, retirement solutions, credit life, and employee benefit segments, distributed through multiple channels. With a substantial and diverse client base, the organization is recognized for its commitment to providing innovative and tailored insurance services, meeting the evolving needs of customers across India.
Strengthening Infrastructure and Security with AWS and Noventiq
As the organization scaled their operations, they recognized the need to fortify their infrastructure to adhere to rigorous security and compliance standards. They also required a partner to manage their infrastructure and security components. Also, they wanted a centralized security ecosystem with advanced monitoring capabilities. Additionally, being a financial player with access to sensitive information, the organization sought a robust framework for identity and access control to safeguard the information and ensure authorized access. Recognizing Noventiq’s proven ability to deliver managed security services and personalized, innovative solutions within the financial sector, the popular financial organization partnered strategically with us to navigate these challenges.
Our security services on AWS have been designed keeping in mind the client’s strong emphasis on compliance, defense-in-depth strategies, and the least privilege access. These efforts encompass:
- To adhere to AWS best practices, we have implemented an AWS Landing Zone architecture to separate organizational units and accounts for core AWS services and applications, enforcing separation of duties. AWS Control Tower has automated the creation and management of this structure. Amazon Guardrails have been used to enforce organization-wide security controls.
- A security architecture has been created using a mix of AWS Native and third-party solutions to enhance visibility, manage compliance, protect against DDoS attacks, secure web applications and APIs, perform URL filtering, control access, inspect traffic, and manage identities and accesses.
- Infrastructure access has been secured with a VDI setup featuring multi-factor authentication. VDIs are configured to block clipboard functionality to prevent data leakage from the organization’s infrastructure.
- Centralized identity and access management is being used through Privileged Access Management (PAM) to reduce the risk of unauthorized access.
- Highly available solutions have been deployed to scan all incoming traffic for malicious content. The solutions include an Intrusion Prevention System, antivirus, and anti-bot solution.
- Enterprise-grade firewalls are deployed to provide centralized visibility and granular traffic control.
- Web application firewalls (WAFs) are used to protect against DDoS attacks and other internet-based threats. Rigorous inspection of all internal traffic is being done by WAF.
- Centralized management and analysis of security logs is done by the customer’s Security Operations Center (SOC), while the Noventiq team takes care of timely actions and incident management.
- With an AWS solution, data is protected through encryption both at rest and in transit.
- Anti-malware solutions have been deployed on VDIs and servers to protect against malicious activities. VDI access is controlled by integrating the access mechanism with Active Directory.
- The Security Configuration Document (SCD) is regularly validated, revised, and updated based on changes in the AWS environment.
- Services have been implemented to manage, retrieve, and rotate database credentials, API keys, and other secrets throughout their lifecycles.
Managed Security Services’ Benefits for the Client
Conclusion
By strategically using AWS and implementing a robust security architecture, Noventiq has strengthened the organization’s infrastructure and has ensured business continuity. The implementation of managed security services, coupled with advanced threat detection and response capabilities, has enhanced the organization’s security posture. This collaborative effort has resulted in a resilient and secure IT environment, enabling the organization to focus on its core competencies while safeguarding sensitive customer data.