The Latest News & Insights

Customer Challenge A financial services company became aware of a critical need to secure their generative artificial intelligence (GenAI) models against malware infiltration. These models are used to efficiently process large amounts of unstructured financial data to deliver rapid quantitative and qualitative analysis across multiple business lines.

Customer Challenge In 2022, the Office of the Superintendent of Financial Institutions (OSFI) of Canada released its final version of Guideline B-13 - Technology and Cyber Risk Management. These guidelines, effective January 1, 2024, establish expectations for how federally regulated financial institutions (FRFIs)* should manage technology and cyber risks across three domains: Governance and Risk Management; Technology Operations and Resilience; Cyber Security.

The Challenge Like many public sector agencies, this organization uses Amazon S3 to ingest and store large amounts of data from third party vendors and data brokers for processing. During a security audit, it was determined that the ingestion of TB of data each month from outside sources is a major attack vector. There was no assurance that the data has been scanned for malware and viruses before it was processed and accessed by agency staff or shared externally with partner agencies.

Customer Challenge As a fast-growing learning management solution, MindEdge was receiving a growing number of questions from existing and potential customers about their security practices. MindEdge determined that the best route for elevating customer confidence was to achieve SOC 2 compliance. While preparing their roadmap for making their system and processes SOC 2 compliant, they found themselves in need of additional security controls to ensure that objects stored and shared from Amazon S3 buckets were scanned and clean from malware. The team identified three main requirements that needed to be met:

Customer Challenge ADEC Innovations hosts an application on AWS that collects environmental data, charts, and assets from public sources and aggregates these resources as elements in a pdf report for environmental professionals. The reports are stored in Amazon S3 buckets and delivered to customers via automated email. Occasionally, customers would report that the delivery of the file had been blocked by their firewall or that the local device’s endpoint solution warned the user of potential malicious code embedded in the report.

Customer Challenge Workvivo is a workplace employee communication platform that allows organizations to keep their employees engaged and up to date with what their colleagues are doing. Like many solutions hosted on AWS, Workvivo utilizes Amazon S3 as the data store for ingesting and sharing files with its application users. Since employees using the platform can upload videos, images, documents, and other files, Workvivo realized there was a need to ensure that uploaded files are scanned for viruses and malware before they are shared with downstream application users.

Customer Challenge Poka's connected worker platform for manufacturers leverages Amazon to store a variety of training content and user uploaded files that are then shared with downstream users as part of the application workflow. In order to meet SOC 2 compliance requirements to prove that all files were scanned for potential malware before they were shared by their solution, Poka implemented a homegrown solution leveraging an open-source virus detection engine, AWS Lambdas, and Amazon EFS as the main components. As their customer base and the volume of data and files grew, their in-house solution required increasing maintenance time to meet their real time scanning requirements.