About The Client
Edelweiss is one of India's leading financial services conglomerates, offering a robust platform to a diversified client base across domestic and global geographies.
The Edelweiss Group is one of India's leading diversified financial services companies providing a broad range of financial products and services to a substantial and diversified client base that includes corporations, institutions and individuals. Edelweiss's products and services span multiple asset classes and consumer segments across domestic and global geographies. Its businesses are broadly divided into Credit Business (Retail Credit comprises of Retail Mortgage, SME and Business Loans, Loan against Securities, Agri and Rural Finance, Corporate Credit comprises of Structured Collateralized Credit to Corporates and Wholesale Mortgages), Franchise & Advisory Business (Wealth Management, Asset Management including Distressed Assets and Capital Markets) and Insurance (life and general insurance).
The CMS migration, powered by Osian's expertise and ability to design, develop and deploy, has been crucial in helping us achieve our goals. The quick turnaround has yielded spectacular results allowing us to make a quick transition to a more flexible, dependable and secure workflow. Osian's technological expertise has helped us deploy on the AWS cloud infrastructure leveraging best practices while ensuring security. Their familiarity with various services on the AWS cloud platform was instrumental and they actively advised us on ways that we could save on costs without any compromise on performance. Osian also helped us identify and mitigate risks when it came to the proposed architecture on AWS in a timely fashion at every juncture during the engagement. All of this has helped creating a comprehensive system that adds value and fits admirably well in the overall vision for our cloud strategy. I am happy to see continued improvements and feature enhancements in the system and we look forward to a favorable partnership with Osian
- Nitin Agarwal, Group CIO, CTO President at Edelweiss Financial Services
Osian was tasked with the migration of their existing expensive commercially licensed CMS to one that allowed flexibility of authoring content without sacrificing security and enabled a new digital culture of creation with a robust, usable CMS to support them in delivering their business objectives and empowering their network of teams.
The main challenge was to take into consideration the various content across properties and consolidate them into a single platform that would allow for sharing of code, seamless management and enhanced security.
The new solution also needed to give the staff the ability to build pages on the fly without the need for a developer. This would enable the client to reduce the time required to manage the content across multiple sites and finally improve the creative options.
Our old website slowed our marketing team down instead of enabling them. That is why we needed more creative options to easily build and tweak pages within our CMS.
- Prateek Tomar, Project Manager at Edelweiss Financial Services
Osian came up with a list of mature content management platforms that are currently industry standard and created a comparison matrix of features that allowed the client to reach a decision.
The primary selection criteria was based on a few key factors, including :
Both Wordpress and Drupal have low maintenance and have minor non breaking version upgrades. Also the fact that the wide use of both systems ensures that there is always backward compatibility and ease of upgrading systems.
By nature CMS systems are vulnerable SQL Injection and other security vulnerabilities, no CMS is an exception to this. While commercially developed CMS systems enjoy a higher degree of security the fact is all CMS systems are vulnerable. The major security for a CMS system can be handled at the Infrastructure level for Layer 4 & Layer 7 attacks.
Wordpress, Drupal, Liferay (Community Edition) are open source and free to use. AEM many of the components are open source. Also the footprint of running PHP v/s Java on a web server has varying requirements. Both Drupal & Wordpress offer very cost effective solutions over the other CMS systems.
Ease of use
A quality CMS should include a power editor which allows for the creation of pages using a WYSIWYG editor without sacrificing on overrides permitted by code. Wordpress, in our experience, allowed for highly customizable information architecture including content taxonomy and template driven page rendering engine.
Community driven as well as commercially developed plugins allow for modularity while enabling features in the website. CMSs with active communities are under constant development, with constant access to updates, security patches and help from an open knowledgebase.
Comparison of CMS Systems
|Time version upgrade||Low||Low||High||High|
|Custom Custom Models||✓||✓||✓||✓|
|Cost of Ownership||Low||Low to Medium||Medium||High|
Osian enabled the migration of content from the erstwhile CMS by creating a scalable import process that handled data and media into a format that adhered to the Wordpress architecture. This was made possible by rigorously testing the data structure after building the routines and ensuring that when the time came to migrate, it ran correctly and efficiently.
Osian’s solution included leveraging the AWS cloud platform to host the multiple websites allowing for enhanced cybersecurity features and management that AWS provides. This involved implementing the best practices at multiple levels including Infrastructure, Application Server & Application levels. Some of the key components enhancing the security were AWS Web Application Firewall, Static website served using AWS CloudFront, enhanced security at the WebServer level, Application Firewall for Level 7 attacks, Linux File level permissions & handing permissions at IAM level on the used machine. Two Factor Authentication has also been implemented along with network security for safe login to the network area.
Following best practices for any Framework gives additional benefits, for the project we followed all best practices for development of Plugins, Themes & Security. All code is modular, easily swappable & extendable components.
The main challenge was to take into consideration the various content across properties and consolidate them into a single platform. Ease of use is the most critical consideration when it comes to adaptability in business. We leveraged the wide adaptability of Wordpress WYSIWYG components, along with adding and built some key plugins to enhance the experience customised towards the ease of use, keeping in mind security and governance.
Architecture & Security
The Application components can be categorized as below as per the functions:
AWS Web application Firewall: is the first level of defence, when it comes to layer 7 attacks, known URLs, Rate Limiting & Bot detection is blocked at the WAF level itself.
Application Load balancer: The SSL request termination happens at ALB level, all traffic is limited to the VPC.
VPC Endpoints: All communications to Amazon Relational Database Service (MySQl) happens within the VPC via VPC Endpoints.
Amazon CloudFront: The entire site is served statically via Amazon CloudFront, all images are served directly via Amazon S3.
Amazon S3: Components that grow over a period of time when it comes to a CMS Application are logs, database & assets. Logs & assets are pushed to S3 from the application server.
Amazon RDS: Using a secure scalable database with Multi AZ high availability is the fundamental foundation for scalability.
Load Balancing & Auto Scaling with Cloud Watch: To handle peak loads compute services scale in a Multi AZ cluster, marshalling is handled via the Elastic Load balancer.
Custom User Journeys & Forms: The application is equipped with state of Art form builders which enable quick & easy user journey creation. It is completely authorable and easy to design & deploy. Rich dashboards for viewing leads & data along with ability to add schedulers & external integration add to much power in the hands of Business without the intervention of developers.
AWS Event Bridge: Offloading custom Forms & Journey outputs to the AWS Event bus enabled the customer to have deeper integrations with existing systems. We leveraged the work of AWS Event bridge to deeply integrate with Microsoft SharePoint. This enables the customer to leverage existing operational skills with the newer environments like Wordpress. Adding this very component begins to open up infinite possibilities of interplay between various systems, the Wordpress layer being at the forefront.
Custom user workflows: Workflows are a centerpiece of any Enterprise. Multi tier Approvals across sites can be centrally managed. Alerts via email & a summary on the Dashboard promotes ease of use & governance.
Image Optimization: Workflows to auto optimize images into various sizes was enabled to move the requirement of optimization from the Business to the process. This helps in reducing website load times and improves efficiency, ensuring optimisation is applied at each image.
Below are some metrics that showcase the success of this project:
Page speed insights
At the time of launch the corporate website had a google page speed insight desktop score of 90-94 at the time of launch.
Reduction in cost
At the time of launch we achieved over 60% reduction in Infrastructure cost and 90% reduction in license costs.