Building a SOC 2 Compliant Architecture for Third Party Solutions (3PS)

About Third Party Solutions

Third Party Solutions (3PS) brings all the pieces together with the software known as the Assembly Toolbox. Assembly Toolbox bridges the communication between the customers’ needs, store forecasts, and the third-party teams. Assembly Toolbox ensures that the right mix of products is pulled and ready at all times.

The Challenge

3PS reached out to Ibexlabs to perform a security assessment of the AWS solution (Based on CIS and WAF) and hosted applications using the Cloud Vulnerability Assessment to meet the requirements of SOC 2 compliance standards.

The Ibexlabs Solution

As part of the onboarding, Ibexlabs conducted a security assessment for 3PS after which remediation work being undertaken to ensure a more robust and secure environment for their applications and website.

AWS Services used:

  • AWS Config: To detect configuration drifts within an AWS account.
  • AWS Web Application Firewall (WAF): To configures rules that allow, block, and monitor web requests based on predefined conditions.

Other Services:

Jenkins, Pritunl VPN, Detectify, Mongo DB, OneLogin, OpsGenie

Results

  • The result is an increased level of trust in the security and more secure solution for 3PS that made it possible to achieve SOC 2 compliance. 
  • Ibexlabs was able to optimize the services reducing the overall AWS monthly spend for 3PS.
Contact us for a demo

From the Customer

Download
Talk to an Ibexlabs Cloud Advisor