Reward360 Global Services is a premier Loyalty Technology and Solutions Company. It wanted to develop a PCI-DSS compliant rewards management platform for banks in the country.
THE BUSINESS CHALLENGE
To design and build a loyalty management platform on the public cloud that would not only comply with stringent auditing requirements but also be scalable to other businesses
TECHNOLOGY COMPONENTS
Linux, Apache/Nginx/PHP/NodeJS/Angular, MySQL/MongoDB, Redis Cache, Memcached, Elastic Search, Content Delivery Network, Queue service, Application Load Balancers, Web Application Firewall, Application and host level Logging – ELK Stack, OSSEC, Security Incident Event Management – OSSEC, Cloud API log – AWS CloudTrail, PAM, EndPoint protector, Managed Detection and Response, Alert notification – AWS Simple Notification Service, IP whitelisting – AWS VPC Security Group, Layer 7 – Web Application Firewall, Host level firewall – iptables Vulnerability assessment – VAPT (OpenVAS + Nessus), Data in Transit encryption HTTPS – SSL Certificates
THE APPROACH
Suggested and implemented a templatized cookie cutter model for predictable deployment on AWS Cloud due to the repetitive nature of audit requirements with the banking business
Made significant changes to the application architecture to accommodate compliance controls at various layers of the platform and to facilitate platform scalability
Leveraged a combination of various AWS services, open source solutions, and third party solutions to achieve the necessary compliance
Redesigned and redeployed the environment on AWS
Used Angular framework for building scalable web applications
TRANSFORMATIONAL EFFECTS
Reduced deployment time from 12 weeks to one week
Highly scalable environment
Option to deploy the platform as is for clients similar to banks in a cookie cutter mode
With the latest Memcached technology, able to solve many problems facing large data caches