Case Study | CAF: Information Security on Cloud Platforms
In recent years CAF, a multinational group and rail sector leader with more than 100 years of experience offering integral transport systems, has started down the path to becoming a more digital and data-driven company. As a leader in the rail sector, CAF offers is clients one of the largest and most flexible ranges on the market for rolling stock, components, infrastructure, signaling and services.
The transport sector has adopted industry standards 4.0.
Industry 4.0 standards characterised by intelligent systems and Internet-based industrial solutions, has been adopted by the transport sector, especially the railway sector.
The use of new technologies leads to improvements in the quality of services and business models, based on the analytical capabilities of big data and its potential to transform today’s platforms into a network of collaborative communities that move freight and passenger transport. The current trend toward automation and data sharing is aimed at adopting new and emergent technologies to achieve greater levels of efficacy and efficiency.
Several years ago CAF launched its “Digital Train” initiative, leading to the creation of the LeadMind platform, which provides a new generation of connected trains and more competitive services for operators and maintenance staff in the rail industry through data acquisition and advanced analytics. These services make it possible to visualize fleet status in real time and optimize maintenance plans based on the actual condition of the train assets. The result is maximum fleet availability, energy efficiency and safety.
Providing clients with the ability to access valuable information such as the data offered by CAF through the LeadMind platform requires granting high levels of privacy and security. Protecting industrial data from unauthorized access is one of CAF’s essential objectives. Complying with international information security standards like ISO / IEC 27001 is therefore crucial for LeadMind and its clients.
Solution on AWS
Keepler is a provider of specialized services in, among other things, the execution of data analysis projects in AWS, where privacy and security are the foundation stones of the architecture. That is why CAF trusted Keepler’s experience to analyze the architecture and operational model of LeadMind.
During the project, the needs to reinforce the standard were identified and the new requirements were transferred to proposals for both procedures and design aligned with the AWS portfolio of services or characteristics. Finally, a plan was developed in conjunction with CAF for the platform to comply with ISO / IEC 27001 on this set of issues:
Inventory management
Identities and access management
Password management
Change management
Capacity management
Anti-virus and Anti-malware
Back-ups and recovery
Log management
Clock synchronization
Vulnerability management
Network / Communications (networking)
Software development
Incident management
Business continuity
The project was carried out by two Keepler architects certified as Professional Architects in AWS as well as in the Big Data and Security specialties, and CAF was provided with the following information as a result.
AWS services used were as follows
Cybersecurity in AWS: general review of the LeadMind status (As-Is Analysis) and design of the mechanisms to implement to comply with ISO / IEC 27001 (To-Be Design).
Vulnerability management procedures.
Incident response action protocol.
Contingency plans for business continuity
User management procedures.
Software lifecycle management procedures.
Plan for executing the changes required for the platform to comply with the To-Be Design.
Benefits for the client
Platform Security Optimization
Optimization of the platform’s security posture through the use of native cloud security services.
AWS Best Practices
Establishment of best practices in the areas of security and operations across the scope of the LeadMind solution, from the accounts structure of the AWS organization to managing updates on EC2 virtual machines.
Enhancing Reliability and Availability
Improvements to the reliability and availability of the LeadMind solution.
Amplified Client Trust
Increased trust of clients and partners as a result of the improvements implemented.
Keepler is a full-stack analytics services company specialized in the design, construction, deployment and operation of advanced public cloud analytics custom-made solutions. We bring to the market the Data Product concept, which is a fully automated, public cloud services-based, tailored software that adds advanced analytics, data engineering, massive data processing, and monitoring features. In addition, we help our customers transition to using public cloud services securely and improve data governance to make the organization more data-centric.
Would you like to talk about your business?
We can help you leverage the power of data to enhance your operations.