Introduction
As a global player in the human resources industry, our client operates specialised recruitment and MSP brands in prominent markets spanning the UK, North America, Australia, the Middle East, Asia Pacific, and Europe.
A considerable number of their brands are recognised as top-tier companies and are household names within their respective markets. Catering to the needs of numerous job seekers worldwide, this enterprise oversees multiple recruitment websites, payroll systems, candidate CV databases, cloud based file-sharing applications, publicly accessible mobile apps, and a sophisticated multi-site infrastructure.
The Challenge
Adopting a data-centric approach to their operations, our client was keen to protect and secure their portfolio of over 25 websites and 2 data centres. This commitment to security aimed to align with industry best practice and adhere to international data privacy laws.
Additionally, the stringent mandates outlined in the General Data Protection Regulation, including the principles of ‘privacy by design’, ‘breach notification’ and ‘subject access requests’ necessitated the development of a new cybersecurity platform capable of ensuring compliance in these crucial areas.
Looking for enhanced security measures, our client sought to deploy a high-calibre, cloud based anti-DDoS solution, including Web Application Firewall (WAF) to protect their extensive web assets from the growing threat of malicious DDoS attacks and web application attacks. Alongside this, there were also required a penetration testing programme.
The Solution
When the project began, the client was in the process of moving their operations to the cloud using Microsoft Azure. Following a successful test phase, Babble embarked on implementing a fully managed Oracle Dyn WAF solution to support the client’s network, which is used by multiple tenants.
The deployment posted challenges due to Azure’s handling of encrypted web sessions and handles local load balancing. However, the feature rich Dyn Cybersecurity Suite allowed us to enhance protection by implementing geo-load balancing on top of Azure, resulting in a better installation.
With this deployment, the client now has safeguarded 27 different production assets, including websites, APls, portals, and their CRM system, each with customised security policies.
Babble’s cybersecurity solution was rolled out to secure over 50 live and test/development domains and web facing applications. It soon became apparent that the client was experiencing high volumes of malicious bot traffic, which was consuming significant resources across their network.
The platform is now handling a monthly load 60 million requests and transmitting 0.7TB of data. The solution features dynamic caching, which has reduced the strain on origin servers by an impressive 77%, resulting in faster loading times and an enhanced end-user experience – a significant benefit for customers.
The system allows for a centralized approach to fine tuning security rules across all web assets, streamlining estate management. The client now enjoys the flexibility to create tailored rules for each site, a level of customisation that wouldn’t have been achievable with a fixed template approach.