With the AWS-based solution our threat management process receives a new level of efficiency. Furthermore, we are able to convert the TMA into a market offer in the medium term.
Claudia Brandkamp, Threat Management, Deutsche Telekom
An effective collaboration with different experts such as labor law, compliance, HR, etc. is essential for the threat management. Currently, all steps are monitored with Word documents and e-mails, which is manual and cumbersome making it very difficult to manage. In order to enhance the collaboration and the documentation, a digital process-supporting system, the Threat Management Assistant (TMA), should be implemented. The new system should also incorporate scientific models to help to evaluate the respective monitored employee situation. Those scientific models will be continuously developed so the new system needs to support continuous development/continuous integration (CI/CD). As the team plans to offer the TMA to other companies, they opted for a platform that could easily scale up according to market demands: AWS Cloud. Additionally, due to the nature of the project, the new system should be built in a secure environment to store and share documents.
The T-Systems team built up the system based on the business demands and according to AWS best practice of the well-architected framework. This ensures not only scalability and CI/CD, but as well a high level of security for an efficient and sophisticated system. AWS CloudFormation provides the necessary infrastructures as code. After setting up the infrastructures, the T-Systems team introduced the security features using Key Management Service, AWS Certificate Manager and SSM parameter store for passwords and parameters. Data at rest (in Elastic Block Store and the PostgreSQL database) and in transit are encrypted accordingly. The cloud-native TMA application was established in the AWS Cloud in Frankfurt. Ruby on Rails was used as web application framework. It also introduced containerization (Docker) based on Amazon Elastic Container Service as a fully managed container orchestration service. It allows easy running of applications on a managed cluster of Amazon EC2 instances. Deployments are done with Code Pipeline. PostgreSQL is used as database. A multi-AZ setup realizes high availability and failover support. WordPress is operated for the documentation process. Monitoring is done via Amazon Cloud Watch. The future-oriented method to have an effective solution easily passed an AWS well-architected review.
To prepare for the future, companies require four cornerstones: connectivity, cloud and IT infrastructure, security, and digitalization. With its end-to-end support, T-Systems helps companies to safeguard their business continuity. Learn more about T-Systems’ integrated approach.