Improving Efficiency and Security with Bespin Global
Improving Efficiency and Security with Bespin Global
Small – Medium Business
FinTech – Payment Services
Our client operates an online platform that offers a variety of prepaid cards for electronic services, including gaming and telecommunications, from over 60 international, regional, and local partners. The company, located in Dubai, is a prominent vendor in the Levant and Middle East region, and has established itself as a leader in its industry.
Thanks to competitive pricing, a user-friendly website, and increasing demand for electronic payments in the region, the customer experienced rapid growth which meant that its technology solution needed to adapt quickly.
According to a Board Member of the app: “To provide a first-class, secure product portal we needed to switch to highly automated technology infrastructure that integrates with vendors and that offered strong built-in security protections. For our team, it was a significant shift with many challenges, and we needed an expert partner that we could trust.”
The client’s everyday workflow involves handling voucher codes for high-value prepaid cards. The company relied on a manual system to upload voucher codes to systems once a day, but an expanding business meant manually managing voucher inventory was no longer an option.
The flow of high-value vouchers also created a security risk as stolen voucher codes could lead to a large loss. The client’s app required a secure ERP system that automated manual processes and integrated closely with suppliers through inbound and outbound API capabilities.
Dania Al Refai, Senior DevOps Engineer at Bespin recognized that the security challenge was, in fact, threefold. Al Refai says that: “We knew we had to implement resilient data encryption protocols to protect voucher codes from unauthorized access. We also needed to secure the client’s website traffic against the common web exploits and bots that threat actors use to steal data such as voucher codes – while protecting the application’s users from account takeover attacks.”
The client previously addressed technology requirements through their in-house team but doing so was becoming challenging, taking focus away from the core business of delivering top value and a great buying experience for its customers.
“In looking for an expert partner we asked our existing hosting provider, Amazon Web Services (AWS) for a referral”, explained the client. The team at AWS referred the customer to Bespin Global, a known reputable AWS solution specialist with deep expertise and prior experience dealing with digital content products.
Bespin worked with the client to find a solution that delivers performance, reliability, and security while maintaining operational excellence through continuous cost optimization. “We were also looking for a rapid return on investment,” says the client.
Al Refai says that “After several consultations with our client to evaluate the pros, cons, and suitability of a variety of solutions we settled on an Odoo-based ERP system that was both flexible and customizable, using the Odoo framework to build the client’s website and CMS.”
Hosting services remained with AWS and Bespin Global used its deep AWS expertise to integrate key AWS performance features into the client’s solution. That included best practices such as high availability, achieved by deploying across two availability zones and using a load balancer.
“We applied AWS Elastic File System (EFS) to enhance the performance and throughput of the application. By utilizing AWS EFS, we simplified the persistent storage process for the client’s Odoo content management system (CMS) workload”, said Al Refai.
Utilizing AWS’s performance hosting features allowed for faster and more reliable product and service deployment to market while lowering overall costs.
Effective SMS and e-mail services
“Efficient, reliable customer communications were another core part of our requirements – including through short message service (SMS) to communicate critical steps such as the one-time PIN (OTP) to complete a transaction”, said the client.
AWS Simple Notification Service (SNS) was integrated for marketing SMS messages and to handle the one-time PIN (OTP) verification SMS to users.
Bespin integrated SNS so that the client could send promotional SMS and transactional SMS messages to their users – informing customers about sales, discounts, or other marketing campaigns, and confirming a purchase or resetting their password.
Thanks to SNS, the client can send messages through a single API and manage them from a single dashboard. Similarly, AWS Simple Email Service (SES) was implemented to send emails including marketing and order confirmations.
As a first line of defense Bespin configured the AWS Web Application Firewall (WAF) to secure the client’s website traffic and to provide protection against web exploits and bots that can affect availability, compromise security, or consume excessive resources.
“By utilizing AWS WAF, we managed to guard the client’s website against account takeover fraud by screening web traffic. We achieved this by monitoring the application’s login page to detect any unauthorized attempts to access user accounts using compromised login information. Moreover, we established rules to filter incoming web requests based on a variety of criteria such as IP addresses, HTTP headers, and body, or custom URIs.” – according to Al Refai.
Bespin Global aimed to provide quick wins in all aspects while building a technology solution that helped the client achieve all its long-term goals. The client says that “Bespin Global understood our unique needs extremely well and was, therefore, able to rapidly build a solution around our needs – acting as a trusted advisor throughout the process”.
It’s a comprehensive solution that required ongoing management. To enable the client’s team to focus on running the business, Bespin also acted as managed services provider (MSP) to provide 24/7 integrated support services, including application and infrastructure monitoring, incident response, backup, and disaster recovery.
Bespin’s MSP team worked directly with the client, using AWS CloudTrail to implement operational and risk auditing as well as governance, and compliance measures. Bespin also tracked cost and usage trends to provide cost management recommendations on an ongoing basis – including through using AWS CloudWatch to continuously monitor the AWS resources used to drive the client’s requirements.
RESULTS & BENEFITS
“With our new ERP solution my colleagues were able to automate inventory and purchases through seamless integration with suppliers thanks to the API implementation – moving from a manual process to a fully automated solution”, says the client.
In turn, the Odoo platform enhanced the performance and throughput of the client’s CMS, freeing up team members’ time for high-value activities. Thanks to AWS SNS and SES, the client now communicates seamlessly with its clients.
Critically, the customer also significantly improved its security posture. The use of AWS WAF enforced secure traffic, preventing account takeover fraud, while encryption safeguarded voucher codes.
As an ongoing partner, Bespin continues to help the client with infrastructure and daily risk issues. For instance, when the customer faced an influx of fake sign-ups through phone numbers, Bespin Global monitored the SMS stream in AWS and devised a solution to stop fake sign-ups – providing regular reports to keep the client informed.
The customer also benefits from OpsNow, a powerful service Bespin offers to AWS customers. “OpsNow allows us to manage, operate and optimize our cloud costs through tracking and analyzing cloud spending in real-time”, according to the client.
OpsNow offers an asset management component to help the client identify and track its cloud assets, making it easier to manage and optimize resources. Thanks to consolidated billing the client can now manage billing across multiple AWS accounts through one single easy-to-manage account.
“With the help of Bespin Global, we were able to significantly improve our security posture, and operational efficiency while also reducing our cost base. Bespin Global provided exceptional customer service, team members were consistently helpful, and the company kept us updated with valuable advice throughout the project.” – Board Member of a leading vendor of Digital Cards
Thanks to Bespin Global, the client’s team can now rest assured that high-value vouchers are protected against ongoing cybersecurity threats. The customer also benefits from an efficient, high-performance CMS that supports ongoing growth at scale.
About Bespin Global, an e& enterprise company:
An AWS Premier Tier Services Partner and AWS Managed Service Partner, BESPIN GLOBAL MEA (Middle East and Africa) is a leading provider of automated cloud solutions and consulting services, including cloud adoption, strategy, migration, implementation, Managed Services, DevOps, FinOps and Data & Analytics. Bespin is positioned as a Leader in Gartner’s 2020 Magic Quadrant for Public Cloud Infrastructure Professional and Managed Services, as well as a “Visionary” in Gartner’s 2022 Magic Quadrant for IT Transformation Services.
In late 2022, Bespin Global MEA and e& enterprise formed a joint venture with the aim to assist enterprises in their digital transformation journey and eventually become the largest pure-play public cloud-managed and professional services provider in the Middle East, Turkey, Africa, and Pakistan.
Bespin’s cloud FinOps management platform, OpsNow offers an automated end-to-end solution for customers to effectively manage cloud assets and costs, optimize cloud expenses, and automate the implementation of cloud governance policies across multi-cloud environments.
Address: The Offices 4, #138-139, One Central, Dubai World Trade Center (DWTC)
Telephone: 800 BESPIN (237746)
P.O. Box: 340729