Hero FinCorp Achieves High Availability & Security on Amazon Cloud
01. Customer Challenge
HFC is using FinnOne, a loan lifecycle management software to manage its lending business which covers initial contact with customer, loan servicing and delinquency management.
The customer wanted to migrate the application to AWS Cloud for the following reasons:
02. Umbrella Solution
Umbrella configured FinnOne deployment in AWS Mumbai region leveraging AWS Well-Architected Framework which includes using two availability zones (AZs) to ensure applications are always available. The architecture ensures HFC applications and database will run independently and simultaneously in two AWS regions, so core operations will remain unaffected even if one region goes down.
Further HFC corporate office has been connected to AWS region with a Direct Connect service to ensure security and high-speed data transfer.
Since close monitoring is equally important to ensure availability, so AWS Managed services CloudWatch along with third-party tool CloudHealth keep track of application and database metrics via dashboards and alerts to take proactive measures whenever required.
Umbrella used several best practices including layered architecture segregating application and database while filtering traffic to these layers via another virtual network. Separate environment for production and development purposes have also been configured for higher compliance.
Another best practice is to minimize the surface area of attack and Umbrella used the policy of least privilege access based on security groups. At the resource level Umbrella configured CIS best practices to harden virtual servers, widely used in financial services. Also AWS log monitoring service keeps a close watch on who accesses what resources.
Migration timing was chosen carefully on a weekend during regular maintenance, so business operations were not affected at all.