Alert Logic provides the perfect mix of artificial intelligence from their product suite and human intelligence from their security operations center to give us fast remediation actions that keep us secure and compliant.Marcus Kern, Chief Technology Officer
Solution Overview: Amazon Web Services
Want to learn about Alert Logic solutions?
Visibility Beyond Compliance
Securing Mobile Billing with Intrusion Detection
Fonix provides mobile payments and messaging services for clients across telecoms, media, entertainment, enterprise and commerce. Fonix's technology allows frictionless, impulsive purchases across a wide range of tariffs for both single transactions and subscription services. It is the largest mobile billing platform in this space and is driven by blue chip clients such as Channel 5, Powwownow, Daily Mail Group, Aimia, Three and Jersey Telecom.
To maximize flexibility and efficiency, the team made an early decision to run their platform on AWS. AWS is extremely transparent about the security services it delivers versus what is the responsibility of the customer. Basically, while AWS secures the underlying infrastructure, AWS customers are responsible for securing their applications and data. At Fonix, that meant looking for partners and tools to help secure its messaging platform and data.
One of the first security layers that Fonix identified as being useful in their network was intrusion detection and vulnerability scanning, both by identifying potential weaknesses as well as suspicious activity on its network. With their systems managing SMS messages and subscriber information, keeping that data safe from attackers was deemed critical for the success of their business.
“As a relatively young company, we want our customers to know that we’re serious about security and more important, we don’t want data in our system to fall into the wrong hands,” said Marcus Kern, Chief Technology Officer. “Our ultimate goal is to achieve ISO 27001 compliance and fortunately, we’re already well on our way to achieving that goal.”
Alert Logic Threat Manager had the intrusion detection capabilities we needed and was definitely the most cloud-friendly solution.Marcus Kern, Chief Technology Officer
Why Alert Logic?
Kern set out to look for an intrusion detection solution that was cloud-based, that could be operated in-house when desired and was also delivered as a managed service. Kern evaluated Alert Logic Threat Manager as well as other intrusion detection systems listed in the AWS Marketplace and ultimately decided to implement Threat Manager. “Alert Logic Threat Manager had the intrusion detection capabilities we needed and was definitely the most cloud-friendly solution.”
During his initial two-week trial of Threat Manager, Kern liked that he didn’t need to install a physical appliance to collect event information and that Threat Manager included the ability to scan Fonix’s AWS network for vulnerabilities. Part of the planned ISO 27001 certification involves working with external auditors to identify and mitigate vulnerabilities, and Fonix was able to use Threat Manager vulnerability scanning to find and address many issues, then share results with external auditors using Threat Manager reports.
As a technology process focused organization, a huge value to Fonix is the Threat Manager ActiveWatch service. With ActiveWatch, GIAC-certified analysts in the Alert Logic Security Operations Center (SOC) monitor customer environments 24x7, identifying suspicious activity, evaluating the severity of threats, and helping customers mitigate issues. “Alert Logic provides the perfect mix of artificial intelligence from their product suite and human intelligence from their security operations center to give us fast remediation actions that keep us secure and compliant,” said Kern.