Building a Secure, Scalable Platform-as-a-Service for Banks

About Customer

Synpulse is a global consulting partner elevating their clients in the financial sphere with tailor-made solutions, every step of the way. Providing high-quality, cost-effective consulting and technology services and solutions in the banking and Insurance sector.

Specialize in Tailor-made Core Banking Packages, Premium Pricing, Risk Optimization, Industrialization & Sourcing, Revenue-based Sales Controlling, Sustainable Process Management, Health Value Chain, Lean Client Relationship Management, Integrated Compliance, Insurance, Banking, Technology, Bespoke Engineering, Tech Advisory, and Ecosystem Partners Implementation.

Challenge

Synpulse needed to build a fully managed platform on AWS cloud for offering a platform as a service to banks to host their application for multiple customers.
They also wanted quick turnaround for provisioning of resources, automated deployments, scalable infra, security compliance and lower operational and support costs.

Solution

We have built AWS Organization setup (MALZ) with a control tower using AWS Account factory with Terraform (AWS AFT).
Terraform to manage the account creation and onboarding of AWS Account.
Deployed the App Stream service to bank users to use Microservices APIs from their network using AWS VPN Setup for UAT and SIT accounts.
Deployed and configured AWS Direct connect setup using third-party VPN service Fortinet VPN appliance for secure encrypted traffic from On-prem to AWS cloud from two different vendors and locations for Mastercard locations deployed AWS Network firewall as well for handling egress traffic for having two MFA authentications for EKS-hosted applications.
CICD pipeline for resource deployment with integration with Azure AD for secure platform access.
Open-Search dashboard for SOC monitoring logs OU-based approach in AWS organization to isolate customer environments.
As part of the security review process, we have also done the WAR for all accounts for the platform.
For managing OS vulnerabilities management with an automation approach, we have deployed custom AWS SSM documents to patch both Linux and Windows OS

Services/Tools Used

AWS (AWS Organization with Control tower)
AWS account factory with Terraform
AWS Hybrid DNS
AWS Network firewall
Fortinet appliance
CICD
EKS
App Stream service
Azure AD
OpenSearch

Key Business Highlights

We were able to set up an environment that is scalable, highly secure, automated, and resilient.

Enhanced Security: By using Fortinet VPN appliance, MFA, Dashboards for SOC monitoring logs, OU-based AWS organization, and Automated patching, the customer environment was made extra secure.
Scalability: Using MALZ with control tower using AWS AFT, a highly scalable environment was configured.
Cost savings: By using automated provisioning, patching and deployments, a lot of operational costs have been reduced.

PUBLISHED: 10th July 2024

Cloud Consulting, Strategy and Migration

Cloud Security Engineering

Application Assessment

Cloud Discovery & Optimisation

Cloud and Platform Modernisation

Cloud Managed Services

Cloud Governance & Reporting

Cloud Security Operations

DevSecOps

SaaS Product and Platform Development

Cloud Native Application Development

DevOps Transformation (DoT)

Application Modernisation

Managed Analytics

Data Governance and Engineering

Data Lake & Data Warehouse Implementation

BI Modernisation

Blazeclan Helps GOYA Sport to Scale Up and Optimise Cost of their Application by Hosting it on AWS Platform

Blazeclan Helps Fremantle Commercial Diving Establish Robust End User Computing through Microsoft Office 365 Migration​

Chartered Accountants Australia and New Zealand – AWS Data Lake Implementation & Managed Services

Testimonials

About Us

Culture

Partners

Our Leadership

Work With Us

Cloud Adoption Trends for 2025: What To Expect

How Zero Trust is Crucial in Cloud Migration

Debunking the Myth: The Reality of Cybersecurity

Awards and Recognition

Media Coverage