AWS CASE STUDY
DOCCLE:
Security In The Cloud
Cloudar assisted Doccle in their migration to the AWS cloud while enhancing security and leveraging the cloud-native possibilities. Cloudar also reviewed and advised on the Information Security Management System (ISMS) of Doccle, enabling the renewal of their ISO/IEC 27001 certification afterwards.
And so one of the customer’s biggest projects ever turned out to be a great success.
CUSTOMER:
Doccle
PROJECT:
FIRST LAUNCH:
April, 2022
Customer Profile
Doccle is an online platform for receiving, handling and storing invoices and documents from a wide range of different companies. You can organise your administration, or that of several persons, centrally in one location.
The principle is very simple: create an account on Doccle, and in this account add companies from which you want to receive your documents. The more companies you add, the more documents you will receive.
All your documents are stored automatically in a tightly secured archive, for as long as legally required. That means that you no longer need to find out how long you should keep a particular document, or where it is located. Moreover, you can add up to another 2,000 personal documents to your archive for free.
We guarantee that Doccle will be entirely free today and forever for those who receive documents.
Customer Challenge
The migration of the Doccle environments to the AWS Cloud was one of the biggest projects so far for the customer. Not only did they want to move away from the on-premises datacenter, but they also wanted to optimize on all Well-Architected pillars. And all of this had to be done before a tight deadline.
Due to the nature of the business, security is the top priority. The new environment would have to be in line with industry best practices and the local privacy laws (GDPR), and the customer wanted to be confident about the security posture.
The ISMS documents had been written back in the days of the on-premises hosting and therefore needed to be updated to match the new situation.
“For a project like this, you want a strong and dependable partner. We couldn’t have made a better choice.” – PETER DE RUDDER – COO DOCCLE
Our Solution
Since Cloudar is already a Migration Partner, it had everything it takes to guide the customer through the migration project.
All projects Cloudar delivers, including all AWS infrastructure setups, comply with the European and Belgian privacy and data protection legislation (GDPR).
To tackle the security concerns, Cloudar assigned an engineer who holds the AWS Certified Solutions Architect and Security Specialty certifications. He started by interviewing the customer’s CTO, CISO and development lead to identify concerns and understand the application workflow. Questions were answered and everything was documented.
Cloudar organized an AWS IAM workshop which covered users, roles, groups, policies, MFA, SSO, IdP integration, Least Privilege Principle and other security best practices. After this session, the new IAM layout was designed.
A Well-Architected Review was also carried out. The findings were discussed and handled separately.
Next, Cloudar leveraged Trend Micro Cloud Conformity to assess the environment and report and remediate the findings, nicely ordered by severity.
Finally, since Cloudar has itself been ISO/IEC 27001 certified since 2018, this know-how and experience were used to review and update the customer’s Information Security Management System and align it with the AWS services and resources.
Result & Benefits
The migration work finished well before the deadline, leaving a comfortable amount of time for final testing and preparations before going live. The estimated budget was not exceeded; in fact, it turned out to be very accurate.
The new environment shows increased overall performance, and loading times were reduced by up to 0.5 seconds. Thanks to the cloud-native infrastructure, which allows for much better flexibility and cost savings, the monthly IT cost went down drastically by a quarter and the availability of the platform has increased to 100%.
Security risks were identified and mitigated well before go-live. Thanks to the implementation of the Trend Micro tool “Cloud Conformity” combined with native AWS services such as GuardDuty, the environment is constantly monitored and new security or privacy issues are detected instantly. The customer no longer depends on others but now has direct, continuous and detailed insight into their security status and GDPR compliance. The results are reviewed on a regular basis.
A penetration test performed by a third party did not reveal any high risks.
Soon after the project went live, the customer also passed their new ISO/IEC 27001 certification audit successfully.