The public authority was replacing its on-premises data analytics system with a cloud-based approach. The platform combines terabytes of data from multiple sources and has a major impact of the authority's ability to perform their duties.
The data on the platform comes with varying information security classifications. Some dataset are public while others come with a strict secret classification. This placed high security requirements on the platform.
The client has strict internal security policies that needed to be implemented by the project. This was the first time they were ever applied to a cloud-based project.
Azure security architecture design
Fraktal participated in the architecture design work by delivering the security architecture design. The design detailed how the security features required by the client’s policies are implemented on the services, systems, and their integrations. These features included for example identity management, access authorizations, protecting data at rest, encrypting data in transit, and protecting the platform against DDoS attacks.
Fraktal assisted the implementation by reviewing and commenting security configurations and provigin operational security documentation for example about incident response.
Fraktal delivered manual security testing to verify that there are no unexpected security exposure before go-live.
Technologies and methods
The platform uses various Azure services for compute, storage, networking, and security.
The project used infrastructure-as-code approach.
Dataiku was used for big data analytics.
The dashboards and reports where created using Looker.