base2Services and Fintech start-up Parakeet build a PCI compliant and secure product using Kubernetes and AWS
"When we started the company we had very demanding PCI compliance challenges to overcome and knew we didn’t have the resources to solve them in-house. We got this expertise from base2Services. Not only did they build a compliant environment very quickly, they also implemented a high degree of automation to maintain continuous compliance"Robert Owens, Chief Solutions Officer & Co-Founder
A bit about Parakeet
Parakeet (formerly Zelo Pay) is a B2B early payments platform that aims to take the headache out of getting paid on time while increasing earnings and creating immediate cash flow and administrative relief for its customers.
Parakeet's cloud-native SaaS offering provides an easy-to-configure payment platform that enables businesses to create a digital wallet, configure invoice automation, add supplier profiles and automate and incentivize early payments, as well as many other payment capabilities.
The Fintech start up relies on Amazon Web Services (AWS) to ensure their software can be deployed and used anywhere, by anyone, on any device.
What Parakeet needed
Any SaaS application that deals in finance needs to be reliable, relevant, and above all else, secure.
As a payment platform, Parakeet has to comply with the Payment Card Industry Data Security Standard (PCI DSS), a global information security standard for companies dealing with major credit cards. Achieving this compliance requires Parakeet to have highly secure, regularly monitored systems and networks that enforce vigorous access controls.
Parakeet knew it wanted to deploy on AWS, but it lacked the technical resources to meet production readiness and its explicit cloud goals with certainty. They needed to add cloud platform and security expertise to the team to let developers focus on product functionality but without incurring significant costs for hiring new engineers so that they could:
- Ensure its rigorous PCI DSS security requirements could be met in a highly scalable and available environment
- Take its Kubernetes application deployment workflow from on-prem into the cloud
- Implement DevOps processes, pipelines and automation leveraging AWS
- Accelerate time to market
- Receive ongoing management of the environment
By teaming up with base2Services, Parakeet gained a partner who extended their team with expertise spanning the AWS platform and that provides ongoing cloud, security, DevOps and automation support as the business grows.
What base2Services delivered
From the beginning of Parakeet’s journey, base2Services has been the partner of choice. The collaboration ensures that each of Parakeet’s security, compliance, deployment and quality assurance goals are met, and that the company has a trusted partner to continuously manage their cloud security and DevOps automation as they grow.
Parakeet’s most immediate concern was rapidly achieving and continuously maintaining PCI DSS compliance so they can do business using the services of major global card brands like Visa, Mastercard and American Express.
As part of Parakeet’s DevOps as a Service plan, base2Services architected a secure and highly automated cloud dev, test and production environment that was PCI compliant using multiple AWS services in conjunction with base2Services’ open source software and tools. More specifically:
- base2Services built Parakeet a managed Amazon Elastic Kubernetes Services (EKS) platform and the pipelines to build and deploy their applications into it. The containerized workloads enable clustered security, high availability and quick access to new updates from AWS. The environment also makes it easy for Parakeet to build and deploy microservices to Kubernetes, providing them with a production-ready Platform-as-a-Service to build applications and microservices on top of.
- As another major requirement for Parakeet was to be able to continuously integrate and continuously deploy their software to the cloud, base2Services implemented a Jenkins CI/CD automated pipeline to Parakeet's Elastic Kubernetes Services through which their software is developed, updated, tested and committed to production securely and without error.
This service also makes use of base2Services' extensive Jenkins shared library functions. The workflow ensures that nothing reaches the production environments without administrator approval and without being tested first.
- Several AWS managed cloud security services were also orchestrated and automated by base2Services to meet the Fintech start up's PCI DSS requirements. This included the design of Amazon's GuardDuty, AWS Cloudtrail, AWS Key Management Service (KMS), Amazon CloudWatch and AWS WAF cloud security services into a configured, coordinated suite of controls that manages intrusion detection; governance, compliance and auditing; encryption; monitoring and alerting; and frontline attack prevention.
These AWS configurations are complemented by base2Services' proven applications and tools for source code version control, database backups and other dev-essential automation tools, as well as a key PCI DSS intrusion detection system, OSSEC.
Introducing the underlying systems and policies to achieve compliance is complicated, time consuming and expensive for companies that do not already have explicit Infrastructure as a Service (IaaS) technical skills in-house.
Having base2Services as a partner for AWS cloud deployment, management and security means Parakeet was able to achieve continuous PCI DSS compliance in only 6 weeks, gain access to the latest cloud services and make big savings by not having to hire new IaaS technicians or divert the focus of existing staff.
The innovations base2Services has brought to the partnership enable Parakeet to do business securely and rapidly. As a result Parakeet have become an approved Xero integration partner which will accelerate their growth and is a significant achievement for their business.
As an extension of Parakeet’s team, base2Services designs and manages the cloud and security infrastructure in direct collaboration with Parakeet’s engineers. As part of DevOps as a Service, base2Services will continuously enhance the delivered solution, provide new capabilities as Parakeet’s needs change, and provide global 24/7 support across the whole environment.
See the impressive results
- Built and implemented a PCI DSS compliant environment 3x faster than if done on their own
- PCI DSS compliance process completed in just 6 weeks
- Fully operational AWS Elastic Kubernetes Service along with CI/CD pipelines to enable faster time to market
- Partnership replaces need to hire 2 full-time cloud engineers, providing savings of ≥$200,000 a year
- Cloud cost savings of 53% on dev and test environments due to base2Services’ flexible AWS spot instances configuration
- Enabled them to go from ideation to a customer-facing product (production) in less than 3 months
- Greatly increased potential customer base through the successful selection as approved integration partner for Xero
- PCI DSS Compliance process completed in just 6 weeks
- $200,000 Savings in Staffing Costs
- 53% Cost Reduction for Dev/Test Environment
"It was awesome to have a team of experts who proactively worked with us to achieve PCI Level 1 Compliance. It only took 6 weeks to achieve which was a great outcome"Charles Wong, CEO & Co-Founder