Horangi Warden Helps Zave Build Cyber Resilience and Protect Customer Data on AWS.

Software-as-a-Service (SaaS) platform for tax and accounting services Zave uses Horangi to keep its data, systems, and infrastructure compliant with industry standards including ISO 27001 and PCI DSS. Because Zave’s data is hosted on the Amazon Web Services (AWS) cloud, Warden plays a crucial role in ensuring proper configurations, encryption, and access controls.

Business Challenge

To help create new business opportunities, Zave needed to meet demanding enterprise client requirements for its cloud-hosted platform to be continuously compliant with industry-best cybersecurity frameworks.

Warden’s Impact

  • Mitigate security risks around Zave’s critical Amazon Web Services resources
  • Accelerate compliance efforts with a risk-prioritized compliance dashboard
  • Build robust cybersecurity processes using Warden’s platform recommendations

The Story

Zave, a Singapore-based technology company, helps private companies and their stakeholders track important dates and deadlines, manage activities with their corporate secretary, and store important company information and documents. 

As a one-stop shop platform that offers tax and accounting services for small and medium sized enterprises (SMEs), Zave holds the keys to its customers’ emails, important compliance dates, deadlines, registrations, and exemptions. All of these data and applications are hosted on Amazon Web Services (AWS).

Zave website interface

To demonstrate its commitment to protecting all of the private data entrusted to Zave by its customers, the Software-as-a-Service (SaaS) company strictly adheres to industry-best cybersecurity frameworks such as ISO 27001 and PCI DSS in all its processes and technology. 

So how does Zave stay compliant with these frameworks? In 2019, Zave discovered Horangi Warden, a Cloud Security Posture Management (CSPM) software that provides Zave the cloud visibility and security alerts required to maintain a robust security posture.

The Engagement

Zave hosts data on AWS resources including Amazon EC2, Amazon RDS, and Amazon S3. For Zave, it is imperative that they effectively manage the risks around these critical resources. 

The team considered using Warden as an infrastructure monitoring tool for these critical resources on AWS. When Zave initiated a Warden trial, the company was immediately alerted to new security risks they had never considered before. Not only were these security risks automatically prioritized in severity level, but they were also mapped to equivalent best practices under popular compliance standards including PCI DSS and ISO 27001 — the same frameworks that guide Zave’s security efforts. This depth of visibility on one dashboard made it easy for the team to focus their efforts.

Zave employees group photo

Like all types of infrastructure, whether on-prem or in the cloud, proper configurations can mean the difference between an incident-free environment and a major data breach. Warden acts as guardrails against such incidents, including unauthorized access and data leaks.

Considering Zave’s lean DevOps team, it makes sense for the SaaS company to adopt technology that scales with their business. Warden, with its integrated compliance features and autonomous security alerts, fits the bill.

The Results

Since onboarding its AWS cloud accounts onto Warden, Zave has accelerated its compliance program towards ISO 27001 and the Monetary Authority of Singapore (MAS) Cyber Hygiene, a regulation for institutions managing financial data in Singapore. The integrated compliance features within Warden allow the Zave team to benchmark their AWS environment against cloud security best practices. Warden’s regular cloud security assessments help Zave identify and prioritize actions that move its compliance program in the right direction.

“Most of our large enterprise clients require our product’s security to adhere to industry standards. Warden enables us to uphold these standards by monitoring vulnerabilities and providing useful recommendations that we can immediately act on. Furthermore, the software is easy to configure and was set up on our AWS environment in minutes.” said Mervin Tan, VP Engineering at Zave.

Taking advantage of Warden’s autonomous detection of potential security vulnerabilities and compliance violations, the Zave team has been able to act swiftly and consistently improve its cloud security posture. For instance, by being able to understand which of its dependencies leads to an increased risk of denial of service attacks, the team gets meaningful insights to improve its engineering processes. Warden's comprehensive encryption ruleset around S3, ElasticSearch, CloudFront, and other relevant AWS resources also helps Zave to tighten the security of its processes such as data backups.

"With the sheer number of developer cloud accounts that we have, it is very challenging to keep track of how each is being configured. Implementing Warden to do the tedious work of monitoring was a no brainer for us. The amount of time I’ve saved and potential security incidents averted is enough reason to continue with this amazing software."

Alan Schmoll, CEO & Founder

Thanks to Warden’s repeated security findings and recommendations based on Horangi’s security consultants, Zave has established robust security processes in the cloud that govern the access management and frequency of data backups. As Horangi continues being Zave’s security partner in testing its systems for critical vulnerabilities, we are committed to helping Zave grow as the chosen tax and accounting services platform for SMEs.