Leading Online-Only Pharmacy

The customer, one of the UK’s leading online-only pharmacies, dispenses tens of thousands of items per month and processes confidential NHS related PII data. They had built an initial web application with another software development partner, but needed help performing a security review and also wanted to confirm that their architecture adhered to best practice.

The customer turned to D55 following an AWS recommendation, and together we performed the review of their architecture. Once this was complete, a number of subsequent issues were found which needed to be remediated. There was a further need to improve the application and platform to be more reliable and scalable and enhance the experience for end users.

D55 was engaged by a customer to conduct a comprehensive review and modernisation of their AWS-based infrastructure, following the six pillars of the AWS Well-Architected Framework. The initial security audit identified multiple issues, including open ports on web servers and misconfigurations in IAM, Security Groups, and NACLs. These findings led to a prioritised remediation plan that involved both configuration updates and application design pattern changes, significantly enhancing the security posture of the system.

Following this initial audit, D55 and the customer embarked on a year-long partnership focused on evolving the application. This collaboration included architectural improvements, test automation, and the deployment of new features. Notably, the team integrated domain-specific functionalities, such as NHS pharmacy nominations via NEMS and validations against the Patient Demographic Service. To streamline customer support, an integration with the customer’s ZenDesk platform was also implemented.

D55 further improved the system’s reliability and performance by optimising AWS resources, such as EC2 instances and Lambda functions, to ensure they were correctly provisioned and capable of automatic scaling. The introduction of autoscaling groups and the deployment of services across multiple availability zones provided enhanced fault tolerance and high availability. Additionally, proactive security measures, such as AWS Security Hub, Amazon GuardDuty, and IAM Identity Center, were employed to safeguard sensitive data and ensure robust access management.

The end result was a fully modernised, secure, and efficient infrastructure that not only improved user experience and reduced costs but also ensured high availability and disaster recovery readiness. The application and platform are now well-equipped to meet future demands, with comprehensive monitoring, backup, and security practices in place.

With the comprehensive modernisation and security enhancements implemented by D55, the customer is now well-positioned to continue evolving their application features to stay competitive in an ever-changing world. The robust, scalable, and secure infrastructure provides a strong foundation for future innovation, enabling the customer to swiftly adapt to new challenges and opportunities. As the competitive and digital landscapes evolve, they can confidently introduce new functionalities and improvements, ensuring their application remains at the forefront of online opportunities.