REGULATED WORKLOADS - THE CLOUD ENSURES COMPLIANCE

Moving from traditional colocation datacenter into the AWS cloud, to achieve KRITIS compliance

retail

Financial Services & Insurances

CHALLENGE

The customer is a well-known retail brand with shops all across Germany. The company has strategically decided to move into the public cloud to prepare for the future.

When moving workloads across all different departments to the cloud, the companies’ cloud team decided to start with one of the most complex workloads: an insurance service that customers can book when they buy products in their shops.

According to BSI-Gesetz and BSI-Verordnung, an insurance service needs to fulfill a KRITIS relevant service requirements.

To ensure success, the client needed support, expert knowledge in the fields of cloud security and compliance, and structural methods. The goal was to support and boost their existing teams and other AWS consulting partners, who already helped the migration.

solution

Alice&Bob.Company provided a team of certified and experienced cloud experts with in-depth knowledge in the AWS ecosystem and regulated environments.

The A&B team was split across different work-streams according to the customers need. After onboarding, Alice&Bob.Company team, it became involved in the critical milestones of the migration project. Our team supported in architectural and conceptual planning of the AWS infrastructure, as well as the implementation work.

Moreover, Alice&Bob.Company provided additional security-related service and performed i.e. Agile Threat Modeling workshops.

CLOUD TECHNOLOGIES
EC2, S3, EFS, Config, CloudTrail, ControlTower, Lambda

Accelerating enterprises in their cloud journey by leveraging A&B's experience with regulated industries in the cloud.

RESULT

Thanks to the Alice&Bob.Company team, the project has gained a new momentum. Structural, internal conflicts could be identified and addressed. The customers management gained a new external view on the existing and upcoming challenges of the cloud migration journey.

This had a significant accelerating effect on the future course of the project.

In addition, conducting Agile Threat Modeling workshops has also led to a new perspective on platform security. Concrete individual threat scenarios could thus be worked out, evaluated and solution approaches identified.

RELATED SERVICES
THREAT MODELING WORKSHOP
Threat and risk based methodology to identify and evaluate threats to your digital product integrated in your agile product development lifecycle.
SECURITY CONSULTING

We’ve been the first AWS partner in DACH, focussing crystal clear on Cloud Security. We’re providing cloud security expert advice to C-level executives, management roles, product teams and engineers. We integrate and enable.