Case Study:
Compass Security

Customer

Compass Security is an established Swiss company specializing in IT security services. With its headquarters in Switzerland and additional offices in Germany and Canada, Compass Security employs over 70 staff members. As a leading technical provider in Europe, the company offers a wide array of security solutions and focuses on the growing demand for professional IT security services. Structured as a management holding, Compass Security is optimally positioned to meet international standards and the security needs of its global clientele.

Project

Compass Security was seeking a service provider for system maintenance, updates, and support for their existing web presences.

The project's goal was to offer secure and scalable hosting for websites running on TYPO3 and WordPress, and to develop a robust deployment setup.

Additionally, the existing systems were to be updated and further developed to ensure the security and efficiency of their web presences.

Implementation

For the project with Compass Security, CosmoCode developed a custom deployment setup that specifically considered the high security requirements and technical complexity of the existing systems. The deployment is based on Docker, allowing a flexible and modular design of the hosting environment. By using Docker containers, CosmoCode can ensure an isolated and secure environment for each component of the project.

The integration of an automated deployment pipeline between development, staging, and live instances ensures an efficient and error-free transfer of code changes to the production environment. This system enables quick and reliable rollout of updates and new features without compromising operational stability. This automation significantly reduces human errors and increases the efficiency of the update process.

Traefik is used as a reverse proxy, automating the routing of requests to the appropriate Docker containers. Traefik also handles SSL, automatically obtaining certificates from Let's Encrypt. This setup not only promotes high availability and reliability of web applications but also supports the DevOps model by enabling developers to directly influence web server configurations. This flexibility leads to faster iterations and better adaptation to changing requirements over the course of the project.

CosmoCode also updated the TYPO3 instance from version 10 to version 11. The upgrade process involved careful planning and execution of various steps to ensure the platform's compatibility and security. Besides updating dependencies and the associated database migrations, this included adapting and testing existing custom extensions. Special attention was given to minimizing downtime and ensuring a smooth transition throughout the entire process. CosmoCode also reviewed and adjusted TYPO3 configurations and file management structures to fully leverage new features and improvements in TYPO3 v11.

Compass Security regularly conducts penetration tests on the infrastructure provided by CosmoCode. This ensures that both the web applications and the underlying hosting environment are continuously checked for vulnerabilities and optimized. This proactive security approach helps to identify and mitigate potential security risks early, which is essential for maintaining a secure and trustworthy IT environment.

CosmoCode provides continuous support and a dedicated service desk for Compass Security's TYPO3 and WordPress instances. This ticketing system ensures efficient and transparent handling of requests and issues.

Together, all these components create a robust and security-focused hosting and management environment for Compass Security's internet presence.