SoftwareONE Brings its Security Expertise to Apoorva Foods
Founded in 2007, Apoorva Foods is one of Bangalore’s leading corporate dining solution provider with services that cut across: Corporate, Banquet Events, Weddings, Outdoor Events, High-End Party and Cafeteria Management.
Apoorva’s site is built on WordPress and a hacked WordPress site can cause serious damage to business revenue and reputation. Hackers can steal user information, passwords, install malicious software, and can even distribute malware to your users. Each week, Google blacklists around 20,000 websites for malware and around 50,000 for phishing.
A study found that nearly 20 percent of the 50 most popular plugins for the WordPress platform are vulnerable to common Web attacks. Apoorva needed a solution to secure its main presence on the Web.
SoftwareONE implemented AWS services to ensure Apoorva’s website was as protected as possible. Although the WordPress core software is very secure, there is a lot that can be done to harden the site from a Security perspective.
SoftwareONE implemented the WAF solution from Incapsula, which protects from unauthorized access or alteration and complex attacks against WordPress, keeping Apoorva’s sites safe and online. The Site was routed through AWS Route53 and SSL Certificates were installed to server traffic via HTTPS.
For host-based security, Infraguard and Trend Micro Deep Security were implemented in order to scan and automatically install missing patches.
A few of the key features leveraged via AWS include:
WAF: Onboarding a WAF, gave Apoorva Foods the security they needed for the DDOS attacks, XSS scripting and SQL injections.
Deep Security Manager gave the organization a central dashboard to manage a host defense system for its cloud infrastructure. It gives businesses power over how and where data is accessed and greatly reduces the complexity inherent in traditional key management solutions. Deep Security combines multiple protection modules, including anti-malware, IDS/IPS, integrity monitoring web application protection, log inspection, and firewall, in a single, centrally managed software solution, to provide agent-based or agentless protection.
SSL Implementation encrypted the transactions and customer information pages to maintain integrity. The outcome is having tighter controls on the website, as well as the ability to handle sudden increases in web traffic.
VPS and Security Groups: Amazon VPC helps to provide the isolated Network. Security Group helps to control the incoming and outgoing traffic through specific ports.
AWS NACL provides protection at subnet level i.e. with Nacl SoftwareONE is controlling the network traffic for each subnet.
IAM granular policies are being implemented and keys are rotated on a regular basis.
AWS CloudTrail allows for compliance and operational audit by keeping track of all the actions performed by a user or role.
Amazon Cloudfront helps speed up the distribution of contents as it routes the user request to edge locations.
Get in touch with us
Contact us today by filling out this short form and our experts will get back to you promptly.