Free Trial

Please fill in the following information for free trial.

  • Company

    *
  • Name

    *
  • Post

    *
  • E-mail

    *
  • Phone

    *
  • Code

    Get code

Free Download

Please fill in the following information for free trial.

  • Company

    *
  • Name

    *
  • Post

    *
  • E-mail

    *
  • Phone

    *
  • Code

    Get code

Download

Please click the Download button to download the resources.

Down

Products & Solutions

Best Security Practice on AWS in Alo7

About Alo7

  • Alo7 was established in July 2004 in Boston, USA. In 2010, Alo7 created a brand on learning for Chinese children aged 3-15. Adhering to the product concept “be fun, be useful”, Alo7 dedicates to providing internationalized English teaching products and services for Chinese children. It combines the international education concept with advanced technology and builds OMO (online-mobile-offline) English education system, which includes original textbooks, interactive courseware, operating platforms, home-school communication, and one-stop foreign teacher video services. In 2017, Alo7 launched a series of product upgrades focusing on the four core roles in teaching process, namely students, parents, teachers, and principals. Through AI-driven automated teaching, it realized the personalized self-adaptation learning pattern, which centers on students and learning effects. At present, Alo7 has become a provider of children's English textbooks for a number of well-known training institutions and full-time schools, such as New Oriental, Only Edu., Bond, and Daqiao. There are more than 15 million registered users, and one million annual paid users in Alo7.
  •  

Customer problem

  • Based on B2B business model, Alo7 sells point-cards to education and training institutions directly. Therefore, for each additional partner, the visiting traffic on its websites and mobile terminals will increase significantly, which requires an excellent extensibility on Alo7 operating platform. At the same time, for the consideration of system availability and security, Alo7 chose AWS cloud platform instead of deploying self-purchasing servers in the Internet Data Center (IDC).
  •  
  • After migrating business to AWS, Alo7 first considered the security issue. It suffers a lot of Web-aspect attacks, since its main business is all about Internet users and presented to customers through the Web. These weaknesses of Web application systems are significantly different from the traditional network systems.
  •  

Problem definition

  • ● The unique applications require customized security
  • The security of the operating system and network is guaranteed by AWS, while Alo7 is responsible for the security of the application system. At present, there are various developers for online application system development in Alo7, and each application system is also unique from others. The weakness of each application system also differs. Each application system is unique, and so do the weaknesses within it. Some applications of Alo7 are developed by itself, and some applications/modules are developed by third parties. As a result, the development habits and components are different from each other, and weaknesses and vulnerabilities are also different. Hence, it needs to provide customized application-based security protection.
  •  
  • ● Traditional methods are difficult to work
  • Traditional methods of security protection (such as firewalls, intrusion detection, etc.) are ineffective for application weaknesses, which are determined by the functional properties of the application system. The weaknesses of the application system exist at the highest level of the OSI model, while the traditional security products work on the 3-4 level. From this point of view, the traditional products do nothing on the security of the application and cannot solve the security issues of Alo7.
  •  
  • ● The data is extremely important, and the harm is more direct
  • The registered users’ information is the core data and most valuable asset of Alo7. The online application system is the frontend of data presentation and interaction. The problems in online application system will directly threaten the data security, which even cause devastating damages. Therefore, Alo7 needs to strengthen the protection of online business.
  •  

ECCOM security solution

  • The system of Alo7 is a typical Web+DB two-tier application architecture built on EC2, VPC, ELB and other IaaS services. At the same time, it uses security groups to perform basic network security control. On this basis, ECCOM helps Alo7 build an account and authorization collaboration mechanism for cross-customer AWS IAM Account and security service provider (ECCOM) AWS IAM Account. In addition, base on best practices, we use CloudFormation to deploy the security infrastructure rapidly and reliably, continuously analyze and improve the overall operation of the ISMS through CloudWatch, CloudTrail and AWS Config. The security services provided by ECCOM security solution includes:
  • ● Account Management and Authority Management
  • ● AWS Infrastructure Security
  • ● Data Layer Protection
  •  
  •  

Outcomes

  • ● Lower operating costs;
  • ● Information Security Management System (ISMS) provides full protection for AWS resources;
  • ● Security monitoring and rapid event response.
  •  

Summary

  • By migrating systems to AWS, Alo7 has avoided a large amount of investment in self-purchasing servers, and at the same time, the systems have good scalability. ECCOM helped Alo7 quickly construct a complete public cloud Information Security Management System, and reinforce the security of systems running on AWS at different levels. An efficient security infrastructure implementation meets the needs of continuously expanding for enterprise business.

TAC

Tel    : 400-820-5-820,800-820-5-820
mail  : TAC@eccom.com.cn
web  : www.ECCOM.NET.CN


Services

Services

ECCOM Smart Service
360° Comprehensive Lifecycle Services

More >


Contact Us

Shanghai

TEL:021-61372888

Nanjing Office

TEL: 025-84677650

Hangzhou Office

TEL: 0571-26890266

Beijing-Yintai Centre

TEL: 010-85216999

Beijing-Shoudong Centre

TEL:010-87224666

Jinan Office

TEL:0531-67880519

Xi'an Office

TEL:029-89384503

Shenzhen-Futian Office

TEL: 0755-33966800

Guangzhou Office

TEL: 020-28059288

Xiamen Office

TEL: 0592-5376000-92020

Fuzhou Office

TEL:

Chengdu Office

TEL: 028-65533878

Chongqing Office

TEL:023-88280080

Kunming Office

TEL:0871-3602050

Wuhan Office

TEL:027-87267899

Xianggang Office

TEL:+852 39735958


Ji'nan Office

TEL:0531-83186508

Xi'an Office

TEL:029-88178595

Shenzhen Branch

TEL:0755-33966800

Guangzhou Branch

TEL:020-28059288

Xiamen Office

TEL:0592-5376000-90213

Fuzhou Office

TEL:0591-38160599

Chengdu Office

TEL: 028-65533878

Chongqing Branch

TEL:023-88280080

Kunming Office

TEL:0871-63602050

Wuhan Office

TEL:027-87267899

Nanchang Office

TEL:0791-88228229

Hong Kong Branch

TEL:+852 39994888

-->