Hero FinCorp is a non-banking financial corporation specializing in consumer finance and commercial lending.
Their consumer finance segment focuses on financing Hero MotorCorp two-wheelers, while the commercial lending division caters to corporates with a wide range of financing products, including working capital loans and machine loans.
Hero FinCorp had been utilizing FinnOne, a leading loan lifecycle management software, for their lending business. However, when the business entered a phase of rapid expansion, they knew they had to adapt their digital infrastructure to ensure it was fit for purpose. Specifically, they were focused on:
- Scalability: Deploying FinnOne in a robust and highly scalable environment.
- Security: Ensuring security at scale was essential due to their role as custodians of sensitive customer information.
- Compliance: Continuous compliance and stringent governance were essential, given their status as a financial services provider.
Shiv Ram, Head of IT Infrastructure at Hero FinCorp, emphasized, "As we grew, we understood that we needed to rethink our approach to compliance and governance in order to maintain the high standards for which we are known”.
Hero FinCorp had specific needs:
- Continuous monitoring with real-time deviation identification and auto-remediation.
- Adherence to AWS security best practices and CIS benchmarks.
- Easy generation of reports on infrastructure and operating environments for regular audits.
Continuous Compliance at Hero FinCorp: To address these challenges and meet Hero FinCorp's needs, Noventiq (formerly Umbrella) implemented a comprehensive solution:
- Hardened AWS Instances: AWS instances were hardened to create a golden Amazon Machine Image (AMI). This involved disabling password-based access, configuring SSH settings, disabling default users, and enhancing security policies.
- Automation with AWS Services: Native AWS services, including Cloud Formation, AWS Config, CloudWatch, CloudTrail, and Lambda, were used to automate launch, monitor the environment, and remediate issues. Third-party tools like CloudHealth aided governance by ensuring continuous adherence to CIS standards and AWS best practices.
- Template-Based Deployment: Templates for deployment in CloudFormation were created, defining resources, configuration details, security settings, and policies. AWS Config continuously assessed configuration details, highlighted deviations, and triggered actions.
- Alerts and Auto-Remediation: CloudHealth, integrated with CloudWatch, CloudTrail, and AWS Config, monitored the environment and made recommendations to ensure compliance with IAM-based access, port closures, resource tagging, and CIS best practices. AWS Lambda was alerted in case of deviation and initiated auto-remediation, such as destroying instances launched without the golden AMI.
- Root Cause Analysis: CloudTrail logs were accessible for root cause analysis and preventive action.
- Reporting: CloudHealth dashboards provided a view of non-compliance events and actions taken, making data readily available for audit reports.
The implementation of this solution delivered several key benefits to Hero FinCorp:
- Higher Security: Continuous monitoring with alerts and auto-remediation reduced time to remediation, enhancing security.
- Adherence to Industry Standards: Hero FinCorp met industry security standards, including CIS benchmarks and AWS best practices, thanks to auto-remediation capabilities.
- Efficient Reporting: Data on compliance was readily available, enabling quick and easy report generation for audits.
Shiv Ram noted:
"Thanks to a highly sophisticated monitoring environment which maps adherence with AWS best practices and CIS benchmarks and takes remedial measures, HeroFin operations are always compliant, and technology has enabled us to meet critical business objectives."
This success story illustrates how Noventiq's solution enabled Hero FinCorp to achieve continuous compliance and security at scale while efficiently managing their expanding financial services operations.
For more information on how Noventiq can help your organization achieve similar results, please contact us for a consultation.