Securing and managing Oban’s AWS environment
About Oban
Oban is a disrupter in financial solutions. They are committed to the digitisation of the superannuation and insurance industries, using the AWS Cloud as an enabler. Oban is achieving this goal by the systematic rollout of its automation gateways utilising an underlying event-driven messaging platform.
What was the customer problem or opportunity?
The Oban solution is all hosted on AWS Cloud. Oban operates in a highly regulated industry that defines security and compliance as a non-negotiable capability. Although all the applications have been developed in house, Oban’s expertise does not extend to security management of the broader AWS platform.
Oban was seeking an AWS partner to provide 24/7 support and a managed security service for the workloads hosted in the AWS Cloud. Oban became aware of RedBear at the ASFA Conference in Adelaide in 2018.
How did RedBear deliver the solution?
RedBear IT was engaged to provide managed security services in April 2019. As part of the on-boarding approach, RedBear performed a security assessment of both the AWS solution (based on CIS and WAF) and the hosted applications through Cloud vulnerability assessment. The assessment resulted in remediation work being undertaken to ensure a more robust and secure environment for their applications and websites.
This included upgrades to the security components, including implementation of AWS security services such as encryption of data volumes and enabling of GuardDuty and monitoring services such as CloudTrail, Config and VPC Flow Logs.
All data from these services is ingested into RedBear’s Australian based managed security service platform, along with application data from the workloads. This data is then analysed to develop actionable alerts which are remediated through both automation and manual triage and response.
RedBear has been managing Oban’s AWS environment for over 2 years and is the ongoing MSSP.
What was the outcome for the customer?
The result is a more secure solution for Oban that enables Oban to meet its compliance obligations and offers a faster time to remediation for its customers. In addition, Oban are able to focus on its applications and customers knowing that the AWS environment is actively managed by a security focused AWS managed service partner in RedBear. At the same time, RedBear was able to optimise the services in use, reducing the overall AWS monthly cost for Oban.
Oban operates in several highly regulated markets where security positions are tightly controlled and monitored, requiring Oban’s security accreditations to be regularly and independently assessed. RedBear is Oban’s trusted security partner whose use of sophisticated monitoring and reporting tools ensures that Oban meets or exceeds all mandated security expectations.
Brett Christie, Managing Directory, Oban Solutions