IFFCO ebazar achieves continuous compliance & customer satisfaction with advanced monitoring solutions
01. The Application Environment
IFFCO’s ecommerce venture is a complex deployment requiring integrations with multiple third-party vendors such as logistics and delivery, warehousing facilities, payment gateways, etc. IFFCO has also integrated with Common Service Centres, the Government’s flagship initiative of providing e-services to rural population. More integrations will be required as the venture expands on the ground and more partners are onboarded.
The e-commerce application itself has several layers which includes applications to map the closest warehouse; tracking and delivery system; inventory management; reconciliation of returned goods and refund processes. Another application layer enables services in 12 regional languages.
The Web and Mobile applications are built using Magento on LAMP stack. It is deployed in high availability using EC2; RDS; Autoscaling; and ALB. For better customer experience, application is delivered via CloudFront.
02. Growth Pangs: Need for Consistent Performance & Monitoring
IFFCO’s ecommerce venture was expanding its physical reach and adding products. Considering the complex layering of applications, IFFCO needed to closely monitor its deployment to proactively address performance issues.
An overwhelming portion of its target customers were farmers from rural areas and most farmers were not tech savvy and an unsatisfactory ecommerce transaction will likely drive them away from a new mode of transaction. Therefore, the ecommerce application needed advanced monitoring to take preventive action and ensure highly availability at all times.
As a large cooperative with multiple stakeholders, IFFCO had stringent regulatory compliance; internal policy requirements; and sensitive customer information to protect. Any security breach would severely dent its equations with member societies as a key element of cooperative societies is trust.
Given these imperatives, IFFCO wanted to achieve specific operational objectives. This included
IFFCO needed a trusted partner to implement its performance and security objectives and turned to Umbrella to help achieve it.
03. Comprehensive Monitoring Delivers High User Satisfaction
Monitoring Cloud applications is fraught with challenges as visibility is greatly restricted without direct access to the underlying hardware. In a large deployment such as IFFCO, monitoring was even more challenging as existing tools did not provide visibility into all layers of complexities and the burgeoning customer base was not helping its case.
Considering the rapid geographic expansion and varied customer profile across strata, it was becoming increasingly difficult to predict traffic and user behaviour, and advanced monitoring capabilities were required.
So Umbrella implemented a comprehensive monitoring system that included threshold monitoring of infrastructure utilization; dynamic monitoring of environment and user behaviour; and predictive monitoring. CloudWatch custom metrics, Site 24×7 and Performance Insights monitors traffic and measures load on auto-scaled resources in a dynamic environment to provide alerts for thresholds breaches.
Yet threshold-based monitoring has its limitations as it does not pinpoint the root cause. Also, too many alerts end up creating confusion, missing the real picture and delaying the time to resolution.
To address this, we used New Relic anomaly detection based on intelligent algorithms which studies the incident data and learns over time, automatically aggregating, correlating and prioritizing the data to provide accurate insights into the root cause.
The APM monitors traffic to establish patterns and variations in user behaviour—such as traffic surge at a particular time of day or week; pinpoint demand for specific service or product category during a particular time of the year, etc.
Such information give enhanced visibility and provide useful context about existing issues such as latency, traffic, errors, and saturation to enable us to detect performance issues and get to probable root cause faster, isolate the source of the problem and fix it before it affects customer experience.
At the operations level we could corelate events and proactively provision resources during awareness campaigns and marketing initiatives while detecting anomalous behaviour—such as a traffic dip during the campaign season—to take preventive measures.
For example, during lean agricultural season when there is an unusual surge in application traffic even as there is no breach in threshold metrics, the APM can corelate the events and send an alert which enables Umbrella team to proactively investigate if there is any underlying reason and take appropriate measures.
IFFCO feels confident and empowered with the new monitoring solutions in place. Says Arvind Gupta, Head Technology “More importantly, the enhanced visibility via a combination of threshold metrics and anomaly detection has reduced the time to identify the root cause and we could address it immediately.”
To achieve the security objectives access to resources are IAM-based and launch environments are scripted in CloudFormation to programmatically enforce configuration compliance. Policies are continuously monitored by AWS CloudWatch, Config and CloudTrail to ensure adherence via log tracking. In case of deviation, CloudWatch triggers alert and notification is sent to take preventive measures.
04. Forging Closer Bonds & Winning Customer Trust
For IFFCO winning trust of member societies is a continuous process as a single breach can undo the confidence built over the years and ruin the brand equity of the organization.
Explaining the need for security and continuous compliance Arvind Gupta says “For an organization like IFFCO, enforcing security and compliance are not just technical objectives but the very foundation of our existence.”
Umbrella instituted compliance with CIS hardened servers to create golden AMI and used native AWS services Cloud Formation, AWS Config, CloudWatch, CloudTrail and Lambda to automate launch, monitor environment and remediate. Third-party tool CloudHealth helped governance with continuous adherence to CIS standards and AWS best practices.
In case of deviation AWS Lambda triggers auto-remediation measures such as denying access to an unauthorized port; shutting down an uncompliant resource; or notifying admin about noncompliance.