Founded in 2020, Driva is a tech-driven car finance platform, seeking to change the way Australians navigate existing lenders to finance their next car. Co-founders Scott Montarello and Will Brown founded Driva with a simple vision in mind - to make the car financing process simple, transparent and fast for all involved.
Overview
After a few years of strong growth, Driva was looking to expand further coming into 2022/23. Navigating the complexities that come with operating in a highly-regulated industry combined with maintaining steady growth meant that Driva was a prime candidate for utilizing a partner to help achieve its goals.
Thoughtworks spoke to Driva’s first employee, Viktor Shlapkin, Head of Engineering to learn more about how Thoughtworks has partnered with Driva to deliver a best practice and secure platform for its customers.
Viktor has a background in the startup ecosystem across Israel and Australia and has been with the company since its inception, now leading the technical engineering team as Head of Engineering.
Challenges around security and scalability
Key challenges:
Ensuring a safe and secure platform for customers
Scalability and functionality of infrastructure to allow for company growth
Providing best practice standards and processes
Team had a heavy focus on infrastructure maintenance, taking away from time that could be spent on platform development
Future vision of achieving ISO27001
Unplanned downtime
With security becoming a key consideration for customers, Driva wanted to ensure excellence in this pillar in order to give customers confidence in their services. Having best practice processes in place, suitable infrastructure for scalability and the ability to meet regulatory and compliance requirements were additional priorities to take into consideration.
As Driva started to mature as a business, it was identified that support was needed to relieve pressure off the internal engineering team. A recommendation from AWS led Driva to Thoughtworks. Driva’s business priorities meant that they were a perfect candidate for a Well-Architected Framework Review (WAFR) and long term partnership through a dedicated team of cloud experts.
For other companies looking to transform or modernize their business using cloud and engaging a partner for support, I would recommend the sooner the better.
A secure and scalable solution
Engaging Thoughtworks for a Well-Architected Framework Review (WAFR) generated a full report of Driva’s environment, infrastructure and posture to see potential areas of improvement. Driva was provided with a detailed remediation report identifying high, medium and low-risk items across the six Well-Architected pillars. From this, remediation work was identified and executed on by Thoughtworks.
With a strong base to start with, Driva onboarded with our dedicated cloud team. Items identified during the WAFR and remediation were scheduled as ongoing projects to ensure Driva’s business goals were met going forward. Cloud team engagement added value for Driva in the following areas:
24/7 monitoring and alerting
Improving security posture and mitigation of possible security risks
Advice and guidance around best practice processes
Expert knowledge on AWS
Scalability and flexibility for monthly requirements, adding the most value for Driva - when and where they need it
Training on IaaC with internal dev team
Support to get set up for future compliance goals to achieve ISO27001
With ongoing collaboration and engagement, including monthly meetings and reports to keep on track, Driva was set up to stay secure with optimized infrastructure that enables it to achieve its business goals. The support provided by Thoughtworks has also meant that two of the internal Driva dev team have been freed up to work on internal projects.
As a growing business, getting the cloud foundations set up in the right way will help us to scale in a secure and cost effective way.
Outcomes
Driva has a core ongoing business objective to be able to integrate with more partners and as a result, drive even more consumers to the platform. By partnering with Thoughtworks, Driva was able to fine-tune its platform and bring it in line with AWS’ Well-Architected pillars to ensure all aspects were operating within best practice standards.
With AWS's robust security features, including encryption, identity and access management and advanced threat detection, Driva could establish a highly secure environment for its sensitive financial data. Additionally, AWS's global network of data centers and their compliance certifications provided assurance of reliable infrastructure and regulatory compliance, readying Driva for future goals to achieve ISO27001.
The ongoing cloud support in base operations, monitoring and security taken care of by our dedicated cloud team allows the engineering team at Driva to focus on core business, product improvements, new features and scaling the business even further. In addition, the security guidance Thoughtworks provided and the improvements introduced will support Driva in conversations with new and existing partners going forward.
Key outcomes
Security improvements
Well-Architected best practice
97% reduction in AWS costs
Improvements in infrastructure posture
Two Driva engineers freed up to focus on the core business with platform feature and functionality development, rather than infrastructure maintenance
Website monitoring - 100% uptime
Facilitating more mature processes to enable a smoother step towards ISO27001 certification in the future, in particular robust change management and security controls
Optimized environment, removing unused functions and reducing number of alerts
90 day lifecycle policy implemented on S3 data storage bucket
Proactive monitoring - immediate detection and support mitigating any potential issues and resolving high priority incidents
Strong collaborative working relationship
By relying on Thoughtworks to take care of the monitoring and maintenance, Driva can continue to focus on offering transparency and ease to customers and seamless partnership integrations with car dealerships.
Overall, partnering with Thoughtworks and choosing to host on AWS has empowered Driva to establish a secure, scalable, and future-proof foundation, enabling th company to focus on innovation, meet industry standards and grow its platform confidently.
We have found Thoughtworks to be well organized, have good communication and be very flexible around Driva’s business needs.
