top of page

Transcard Payments, LLC

IDT develops new RBAC model and conducts AWS Security Assessment for Transcard Payments

Benefits to Client

New RBAC model and its implementation plan created for Transcard Payments, allow them to achieve full transparency in their staff security posture and IAM processes, as well as significantly reduce the amount of technical administrative work required for onboarding and offboarding of the staff members.
The security architecture implementation plan will let the business leadership start planning, funding, and prioritizing work to bolster its already secure AWS environment.

The Challenge

Over the past several years, Transcard endured rapid growth in both headcount and customer portfolio. As a result, they found themselves with multiple IT environments built by different teams at different times, and a wide variety of staff roles, which required a thorough review in order to formalize and automate Identity & Access Management (IAM) functions. In other words, they needed a Role Based Access Control (RBAC) implementation plan.
Another requirement was to assess Trancard's AWS environment against generally accepted security best practices and recommend hardening controls and technologies to strengthen already iron clad infrastructure.

IDT Solution

During the initial discovery phase, IDT experts worked closely with the Transcard Information Security team to identify the finite list of company roles and map those to the human user accounts and their access rights in the existing cloud and on-premise environments.
As the next step, IDT worked on revisiting user access based on “Need to know” and “Least Privilege” principles, in order to eliminate redundant access rights and reduce the overall number of IT user roles.
Finally, IDT and Transcard’s technical team reviewed the company’s scenarios and existing processes for user onboarding/offboarding, and developed new scenarios, optimized for future automation. All the results of this work were packaged and delivered to the client as a detailed and  comprehensive implementation plan.

 

The second part of the project, a security assessment of the multi-account AWS environment, was conducted using a set of automated tools. IDT experts reviewed the results and translated it to a comprehensive list of security controls ranging by their severity & importance, and created a detailed security architecture implementation plan, which concluded the number of the project deliveries.

Executive Summary

Transcard Payments, LLC is a SAAS funds disbursement and management platform that takes regulatory, time and cost burdens off payers while providing payees secure, self-service options for receiving their money. The company's online platform greatly simplifies payment processes for organizations across a broad range of industries including financial services, corporate disbursements, insurance, healthcare, hospitality, property management, real estate, transportation, and payroll.

bottom of page