FintechX leverages SnapSoft for rapid migration to AWS - SnapSoft
FintechX leverages SnapSoft for rapid migration to AWS

FintechX leverages SnapSoft for rapid migration to AWS

FintechX leverages SnapSoft for rapid migration to AWS

Client:

Company Logo

Region:

CEE

Industry:

Fintech

To enhance its infrastructure and security capabilities, FintechX, a digital banking platform, leveraged SnapSoft to transition from another prominent cloud platform to AWS in 2 weeks. The migration aimed to establish a secure and scalable AWS environment while introducing Infrastructure as Code (IaC) practices. SnapSoft, selected for their expertise, facilitated this migration, ensuring minimal disruption and optimal setup. FintechX now benefits from a robust AWS architecture that supports their fully custom, self-hosted application stack, improves security and compliance, and enhances overall performance.

Our partner said

SnapSoft’s expertise made our AWS migration seamless and fast, completing it within two weeks. Their implementation of Infrastructure as Code has greatly improved our security, compliance, and infrastructure management. We highly recommend SnapSoft for cloud migrations and AWS setups.
Tamás Gémes
CTO & Co-founder
SnapSoft’s expertise made our AWS migration seamless and fast, completing it within two weeks. Their implementation of Infrastructure as Code has greatly improved our security, compliance, and infrastructure management. We highly recommend SnapSoft for cloud migrations and AWS setups.

Challenges

FintechX, a digital banking platform, traditionally operated using publicly available virtual machines on another prominent cloud platform. However, the need for advanced networking, enhanced security, and better compliance drove their decision to migrate to AWS. The primary challenge was to complete this migration within a stringent two-week timeframe without direct access to FintechX's existing infrastructure, while also discussing and educating on the introduced services and solutions.

Why AWS?

FintechX chose AWS over other cloud providers due to its superior networking and security features, user-friendly platform, extensive global footprint, and comprehensive support for cloud migration. These attributes were critical for ensuring fast application performance, secure identity access management, and the ability to quickly deploy new environments worldwide.

Why SnapSoft?

FintechX selected SnapSoft for their proven expertise in cloud migrations, particularly in setting up secure and efficient AWS infrastructures. SnapSoft’s experience with IaC and complex AWS Organizations setups made them the ideal partner to ensure a seamless and secure migration, tailored to FintechX’s stringent requirements.

Strategy and Solution

Proposed Solution & Architecture:

  • AWS Organizations Structure: SnapSoft established a detailed AWS Organizations structure to ensure resource isolation across different domains and environments. This included dedicated accounts for security, logging, and networking.
  • Management Account: Used exclusively for organization management, billing, and implementing advanced Service Control Policies (SCPs) to restrict non-relevant services and regions.
  • Network Account: Hosted instances for VPN/bastion hosts, interconnected instances using a Transit Gateway, and centrally hosted NAT gateways for private instances’ outbound networking.
  • Security Account: Delegated for monitoring services like GuardDuty, Config, Security Hub, and central logging via CloudTrail.
  • Logging Account: centrally collecting application telemetry
  • DevOps OU and accounts: separate environment for FintechX’s internal systems
  • Client Systems OU: each partner receives separate accounts for full isolation, also for their development and production environments

fintechx_aws_organization.png

Networking

  • Private Subnets: For instances requiring no inbound access.
  • Public Instances: Placed behind Application Load Balancers with a Web Application Firewall (WAF) to enhance security.
  • Outbound Internet Access: Managed through NAT gateways for private instances and local internet gateways for public instances.
  • SSH Management: Centralized via the network account’s jump/VPN machine.

fintechx_aws_architecture.png

Virtual Machines

FintechX prefers to build their application stack from scratch. SnapSoft’s involvement concluded with the virtual machine setups, allowing FintechX to continue their CI/CD processes and application deployments independently. They self host the GIT repository they use for their stack, and execute CI/CD using other machines in the infrastructure. This CI/CD installs software for the partner machines. The base GIT and CI/CD instances are managed manually by FintechX, for the partner instances every time a new OS distribution comes out. FintechX sets it up for their own environment, creates an AMI, and then uses the template for further instance launch.

FintechX will continue leveraging SnapSoft’s expertise for ongoing support and potential expansions of their IaC practices. Future plans include exploring further AWS services for enhanced security and operational efficiency, and possibly transitioning to a serverless architecture to further optimize their infrastructure management. FintechX remains committed to continuously improving their infrastructure, ensuring robust security and compliance, and enhancing the performance of their digital banking platform to better serve their clients worldwide.

Results and Benefits

The migration was completed within the two-week deadline, enabling FintechX to start running their applications immediately. The setup’s efficiency was demonstrated by the minimal need for follow-up meetings. Key benefits included:

  • Enhanced security and compliance through a well-structured AWS environment.
  • Improved infrastructure management with the introduction of IaC practices.
  • Optimized performance and resource allocation, reducing overall infrastructure costs.
  • Empowered FintechX’s internal team to manage their software deployments without external interference.

Technology stack

AWS Cloudwatch
AWS GuardDuty
AWS Organizations
AWS Transit Gateway
AWS NAT Gateways
AWS Application Load Balancers (ALB)
AWS WAF
AWS Config
AWS Security Hub
AWS CloudTrail