About the Customer

The customer is a leading Indonesian health and beauty group, managing multiple household brands in skincare, wellness, and beauty services. With its increasing reliance on digital platforms and cloud-hosted applications, the customer prioritizes safeguarding sensitive business and customer data while ensuring uninterrupted operations.

Customer Challenge

The customer stored large volumes of critical data on Amazon S3 and operated business applications on Amazon EC2. However, they faced increasing exposure to ransomware attacks, which posed significant risks such as:

• Manual detection of threats leading to slow response times (hours or even days).
• Limited native protection for S3 objects and EC2 workloads, insufficient against advanced ransomware threats.
• Potential for operational disruption and data loss, which could impact customer trust and regulatory compliance.

To mitigate these risks, the customer required an automated, cloud-native ransomware protection system that could detect, contain, and remediate threats in real time.

Partner Solution

Working with PT Innovation Cloud Services (ICS Compute), an AWS Advanced Consulting Partner, the customer deployed a ransomware protection framework leveraging AWS-native services and best-of-breed third-party security tooling:

1. Amazon GuardDuty Malware Protection + AWS Lambda for S3
   • GuardDuty continuously scans objects stored in Amazon S3 for ransomware and malware indicators.
   • When a threat is detected, Amazon EventBridge triggers AWS Lambda to automatically move infected files to a quarantined “clean” bucket, reducing manual intervention.
2. CrowdStrike Falcon Complete for EC2
   • Provides 24/7 monitoring of EC2 workloads.
   • Detects ransomware behaviors such as mass file encryption or unusual access patterns.
   • Applies preventive policy rules to block attacks before data is compromised.
3. Automation & Orchestration
   • AWS Lambda and EventBridge deliver real-time response workflows.
   • Ensures threats are isolated immediately, minimizing downtime and risk of lateral spread.

Results and Benefits

The solution significantly enhanced the customer’s security posture, delivering both operational and quantitative benefits:

• Automated ransomware detection and response across both S3 and EC2.
• 30% reduction in administrative effort and incident response time, freeing IT staff to focus on higher-value activities.
• Real-time alerts and remediation, compared to prior manual processes.
• Stronger 24/7 protection against ransomware with proactive isolation and safe recovery options.
• Improved confidence in cloud security, supporting the customer’s continued digital innovation.

About the Partner

Innovation Cloud Services (ICS Compute) is Indonesia’s first AWS Advanced Consulting Partner, specializing in secure cloud adoption, modernization, and managed services. Recognized with AWS Competencies in Migration & Modernization, DevOps, Resilience, and Generative AI, ICS Compute helps enterprises transform operations with scalable, secure, and compliant AWS solutions.