How Kuliza’s Financial Industry Product Lend.in used InfraGuard for easy post-installation management.
By Kislay Chandra
“Operating in the Financial Industry, security is paramount to us. Our software installations needed to remain updated while retaining our internal and external security policies. InfraGuard’s Patch Management solution in conjunction with their other features worked great in this scenario.”
- Kaushal Sarda, CEO (Kuliza)
Lend.in is Kuliza’s flagship lending product, The low code lending suite for banks and lending institutions to increase the overall efficiencies while decreasing the cost and go-to-market time for customers. The software is installed in client locations and needed secure update management to function optimally as well as comply with regulations. Furthermore, there were other common tasks like log & backup management that could benefit from automation. InfraGuard’s comprehensive feature suite was the proposed solution for this requirement.
Kuliza is a Select AWS Technology Partner and leading provider of digital transformation and operational intelligence solutions for financial enterprises. Since 2006, Kuliza has executed more than 120 digital transformation projects for global startups and industry-leading global enterprises.
With Lend.in, the idea to scale, evolve and continuously improve the loan processing by leveraging the customer-centric design and new age technologies is brought to life using Lend.In.
The financial industry has always been specific about the policies & processes that software vendors need to employ. While regular processes like update management and logging still need to be done, they require an added layer of security in this industry. Lend.ln provides a secure platform with essential building blocks to configure robust lending systems to improve every aspect of the business and financial enterprises worldwide are its customers. The software, whether installed in client infrastructure or fully managed by Kuliza, required a common set of actions which were Update Management, Backup Management, Log Management & Script Execution. InfraGuard was the proposed solution to execute these tasks within an in-built robust Access Management System.
InfraGuard shines in this use case. The ISV can create separate client accounts within the InfraGuard dashboard. With easy user management features, employees are assigned roles and one or multiple client accounts. Furthermore, if the client installation had multiple instances, they could group servers into Projects for easy bulk action and automation settings. Once the structure was set up in the guided onboarding process, roles and policies for each personnel were clearly defined and enforced. Thereafter, Kuliza could manage multiple client installations from a single dashboard.
Specifically, Kuliza could now create manual and automated workflows to complete the following tasks that earlier required access to individual servers.
- Patch Management: Kuliza created centralized patch policies that were divided into regular Scan and Install actions. At defined schedules, the Client servers were scanned for pending updates and the report fed to a ticketing system. On approval from the client, Install policies were set up for the approved patches. At designated time, the update happened and reports were again sent to the ticketing system. A live status dashboard was available for the Patch Maintenance team to view the process as it ran.
- Process Restarts: InfraGuard has built-in EC2 Start/Stop/Reboot buttons. These can be applied to individual as well as groups of servers. Furthermore, automated policies can be set up which Start or Stop instances at defined times/days. The other side of this equation is the running scripts to restart individual scripts. Again, Kuliza set up automatic script execution schedules while having the freedom to manually restart scripts across server groups.
- Backup Management: As add-ons to every update management process, Kuliza could create Backup policies both pre & post-installation.
- Log Management: Again, in the financial industry it is critical that access is not only regulated but also monitored. Every action taken from InfraGuard is logged for review. This logging is done on both user as well as server level.
- Maintenance Scripts: Finally, for ad-hoc application or process specific action, there were three solutions. First was the inbuilt script inventory that would centrally store approved scripts that can run on single, multiple servers. Secondly, an application detection feature, could find applications running on any instance. Common actions were encoded in button clicks to remove the need of typing scripts. And finally, for 3rd party technology providers, InfraGuard’s open API provided custom integration & action options - actions that were still within robust access management policies.
Using InfraGuard in financial industry server management brings forth multiple benefits. Internal security is ensured with multiple layers of RBAC, approvals, central policies and reduction in manual intervention. Furthermore, anytime the regulation changed, there was a central point to take action from - InfraGuard- instead of the erstwhile method of manually changing moving parts across client locations.