Building on similar work from previous years for global Fund and Wealth Management firms, the R&D team augmented the built-in security provisions of the Invessed, Umbraco, and Kentico platforms to ensure adherence to stringent security requirements.
The improvements were delivered for major financial clients such as Bowmore Asset Management and Apollonian Advisors.
Combining best-of-breed components from Microsoft Azure and the Google Cloud Platform
Due to the insufficient built-in security provisions and absence of an off-the-shelf solution that would satisfy Fund and Wealth Management firms’ security requirements, GrowCreate created a custom implementation. Our solution combined best-of-breed components from Microsoft Azure and the Google Cloud Platform, to create a unique secure environment that does not hinder user experience.
The implementation adds layers of security improvements to the frameworks and open-source products used, including advancements to authentication and cryptography, secure deployments, and closing of more recent vulnerabilities. In the end, the product passed multiple penetration tests conducted by independent providers.
Scientific or technological uncertainties
The advancements described above could not be achieved without resolving scientific/technological uncertainties. The main scientific/technological uncertainties that the company sought to overcome during this claim period are summarised below:
- How to extend Invessed, Umbraco and Kentico with added security provisions, whilst maintaining the core product intact, to ensure upgradability
- How to detect, assess and address vulnerabilities inherent in web applications, but especially in open-source products
- How to ensure that the security provisions were deployable on diverse server infrastructure and did not disrupt the user experience
Eventually, the team was able to circumvent all their technological challenges to achieve a fully tested website, verified by an independent provider.