Client: NDA Signed & Protected
Location: United Kingdom (UK)
Platform: Cloud
Industry: Banking
Standards: PCI-DSS
Provider: AWS
Customer Requirement
Implement a scalable PCI DSS Level 1 infrastructure on AWS for a payment gateway. Skynats was tasked with planning and implementing an architecture for a business-to-business payment gateway. The client insisted that the project be deployed in Amazon Web Services (AWS) with an emphasis on security and performance.
Since the project included implementing a payment gateway, the architecture must be compliant with PCI DSS Level 1 norms. For this project implementation, the employees working on the project must be screened and cleared for security purposes. The application deployed must be implemented with lockdown procedures and protocols at each step. The client also insisted on developing hierarchy-based documentation of the process, from connection to the workflow of the application. A governing body will scrutinize the implementation process, nomenclature, and methodology. The application can only be made live if the certification is received.
Skynats submitted our architectural proposal, which takes into account the current workflow of the application. We implemented all the resources needed by the application to work without compromising any security norms of the governing body. The proposal includes the following strategies:
Analysis: Had meetings and conducted detailed analysis of the client’s requirements, including compliance requirements and business goals.
Designing the architecture: Built and proposed a suitable cloud architecture in AWS that meets all the PCI-DSS Level 1 compliance standards and scalability requirements.
Implementation: Implemented the approved scalable and secure architecture in AWS that is ready for the audit by PCI auditors.
Troubleshooting: Based on the auditor report and analysis, made the necessary changes in architecture, servers, application setup, and AWS components to get the final compliance.
Deployed a private network in both the staging and production environments.
Deployed multiple EC2 instances with autoscaling and load balancing.
RDS for Database with multi-region support deployed for autoscaling and load balancing
EFS for file system with multi-region support deployed for autoscaling and load balancing
Centralized monitoring and management systems, including OpenVAS, OSSEC, HIDS, SIEM, Snort, Wazuh, and the ELK Stack, are deployed for log management, risk management, network management, and vulnerability management.
AWS CloudFront and Route 53 implemented.
AWS CloudWatch for monitoring
AWS CodePipeline implemented for CI/CD deployment
AWS WAF for Application Security.
The project was completed in 3 months with deployments, testing, auditing, and final delivery.
The system was assessed, scanned, and scrutinized by the governing body, and the system was certified with PCI-DSS Level Compliance approval to go live with high standards.