Building a SOC 2 compliant architecture for Pillir.
Pillir is a low-code, cloud-native platform that enables organizations to develop mission-critical apps 20 times faster than traditional methods, leveraging the power of SAP’s digital core from any device, with or without connectivity. Pillir’s platform automatically converts legacy custom business processes to modern cloud-native applications, available on the web and via any mobile device. It enables organizations at any stage of their SAP journey to accelerate their digital transformation, enabling innovation at the edge while maintaining a clean SAP digital core.
Pillir wanted its multi-account AWS environment to be cost-effective, highly secure, and reliable, and to cover a range of compliance standards. The environment had to follow the best practice guidelines laid out by AWS without changes to the existing application infrastructure, and Pillir needed a SOC 2 compliant architecture.
After a thorough review of Pillir's environments, including an overall assessment of its infrastructure using the AWS Well-Architected Framework, Ibexlabs determined that it could leverage the framework to build the company the most secure, high-performing, resilient, and efficient infrastructure possible for its workloads.
Ibexlabs focused on areas of the Well-Architected Review such as Security and Reliability, which are part of the five pillars. We proposed a remediation plan to address the findings of the Well-Architected Review and proposed a segregated, multi-account access model with data protection. During this process, security best practices were established to adhere to the principle of least privilege, while still leaving a system that was secure, accessible to developers, and did not reduce the ability of teams to respond to new challenges and opportunities. This analysis gave valuable insight into areas of improvement, especially with regard to security.
This simplified how they assessed risk and compliance with regulatory standards such as SOC 2.
With the combination of these security best practice methods, Pillir now has a broad, detailed understanding of their security posture. They clearly know where new threats may arise and they have an increased level of trust in their security technologies and operations.
"Pillir was in the process of migrating from Qualys. The Ibexlabs team accelerated our journey to manage security and audit compliances and remediation within AWS. The team's AWS expertise, professionalism and support is world-class. Pillir found the right partner and am excited for future engagements."