PCG logo
Case Study

Who provides security to security providers?

About Deutsche Payment

Established in 2003, Deutsche Payment’s headquarters are in Berlin, Germany. The company pioneers a cutting-edge technological framework that revolutionizes end-to-end payment processes for enterprises. With extensive expertise in payment processing, the company employs secure technologies to craft innovative business payment solutions. Through strategic collaborations and the creation of custom provider-centric systems, Deutsche Payment curates an expansive industry-specific solution portfolio. Drawing upon a cadre of specialists spanning banking, finance, e-commerce, law, technology, and marketing, the company stands as a powerhouse at the intersection of technology and commerce.

The Challenge

Our team of cloud experts have already been involved in the design and implementation of the Deutsche Payment infrastructure in AWS. Using Terraform (Infrastructure as Code) was set to be our baseline. Preparing the AWS cloud environment for further automation and PCI/DSS re-certification of the customer's service landscape was our mission. To do so, the creation of hardened Amazon Machine Images (AMI) as well as providing a mechanism for verified code check-ins became necessary.

By using AWS’ auto-scaling and self-healing infrastructure to host applications, the foundations are prepared for golden AMI usage. The target machines must follow Center for Internet SecurityExternal Link (CIS) guidelines and have to contain the verified software for fast start-up times.

The Solution

A multi-stage build process was implemented by using AWS CodeCommit, CodeBuild and CodePipeline. The first stages check that commits are signed by a permitted author, only then the build continues. By using HashiCorps packer and modern Amazon Linux 2, CIS rules are applied to the AMI before baking in the actual software and encrypting the volume. As an additional management tool, AWS Inspector is added to permanently monitor running instances on compliance.

Our Contribution

PCG designed the process together with the Deutsche Payment and described the infrastructure in Terraform. We also provided tools to update running applications in-place with new AMI as well as housekeeping functionality.

Results and Benefits

By setting up an automated build process, the resulting environment is always benefitting from updated and AWS managed security patches and threat knowledge, while putting the applications under full compliance monitoring using AWS Inspector.

The Upshot

Hardening the used infrastructure from the very beginning and permanently monitoring it on compliance using the full AWS feature set enables the Deutsche Payment to further develop their offerings, while running it fully scalable and secure on fully managed AWS IaaS.

About PCG

Public Cloud Group (PCG) supports companies in their digital transformation through the use of public cloud solutions.

With a product portfolio designed to accompany organisations of all sizes in their cloud journey and competence that is a synonym for highly qualified staff that clients and partners like to work with, PCG is positioned as a reliable and trustworthy partner for the hyperscalers, relevant and with repeatedly validated competence and credibility.

We have the highest partnership status with the three relevant hyperscalers: Amazon Web Services (AWS), Google, and Microsoft. As experienced providers, we advise our customers independently with cloud implementation, application development, and managed services.


Services Used

Continue Reading

Press Release
PCG Named as a Launch Partner for the AWS European Sovereign Cloud (ESC)

Public Cloud Group (PCG) has been selected as an official AWS Launch Partner for the introduction of the AWS European Sovereign Cloud (ESC).

Learn more
Article
Modernization on AWS: Rethinking Applications

From monolithic to modular, why cloud-native is the better way

Learn more
Article
Education
Education
Procurement to Impact: AWS for Education

An informative guide for IT leaders in education outlining the five key stages of AWS cloud adoption—procurement, onboarding, implementation, optimisation, and outcomes—supported by practical insights and examples.

Learn more
Article
Cloud Strategy Meets Reality: Why Timing in Cloud Migration Matters More Than You Think

Cloud migration without a modernization strategy? Learn how to efficiently plan the modernization of infrastructure and software.

Learn more
See all

Let's work together

United Kingdom
Arrow Down