Web Platform Security & Compliance Assessment
A dynamically growing international scale-up wanted to prepare its web-based platform (a solution as a service over public cloud) for a rapidly increasing number of new users across different geographies. The solution needed to be compliant with many data privacy regulations and security standards and, at the same time, meet performance and scalability requirements.
Compliance with data privacy regulations and other cybersecurity standards was a top priority to ensure business continuity and service resiliency. A lack of clarity about the current state of security maturity was blocking the customer from offering services to corporate customers with high security expectations.
A4BEE SECURITY FRAMEWORK
Our team evaluated the existing infrastructure, technology, architecture and organizational processes and procedures. The whole assessment took about 6 weeks and fully covered the following areas:
- Technology Assessment was focused on analyzing elements like staging environments, the security of the code, endpoints, and mobile infrastructure and security operations.
- Organization Assessment was focused on existing Business Continuity & Disaster Recovery procedures, policies, standards and guidelines, and Risk Management.
- Architecture Assessment was focused on possible Single Points of Failure, scalability, and security, plus elements like the software development life cycle and documentation.
We defined recommended initiatives and improvements for the areas of cybersecurity and data protection across standardized domains. They included improving the architecture security maturity of all domains in scope and ensuring more focus on security and privacy architecture as well as governance due to the nature of the company’s business.
Thanks to the assessment report, the customer was able to define a Cybersecurity Roadmap and a Governance Risk Management framework. The customer has improved the maturity of its technical, organizational and architectural security controls.