Neo Financial implements Zero Trust access using Amazon WorkSpaces Web

May 2023

Neo Financial, a Canadian company, is on the cutting edge of technology, delivering highly valued services like credit cards with no annual fees, unlimited cash back, and flexible credit limits. In order to best support its remote employees, Neo Financial needed a means of providing secure access to their admin portal via web browser. Companies often use virtual private networks (VPNs) for this use case, but VPNs can be time consuming for IT to administer, cumbersome for users, and costly due to additional hardware requirements. Neo Financial also wanted to move toward a security model that grants resource access based on user credentials, rather than network connection. 

Neo Financial was already using Amazon Web Services (AWS) and was interested in deploying Amazon WorkSpaces Web—a low-cost, fully managed service designed to facilitate secure browser access to internal websites and software-as-a-service (SaaS) applications—as soon as it was available in Canada. With Amazon WorkSpaces Web, end users can stream internal web content on personal devices, which improves user productivity, helps maintain a strong security and compliance posture, and allows IT and infrastructure teams make better use of limited resources.

kr_quotemark

Using Amazon WorkSpaces Web, we have fewer servers to manage and can use single sign-on to manage authentication across our business, helping us achieve our Zero Trust goals."

Eric Zaporzan
Director of Infrastructure, Neo Financial

Opportunity | Using Amazon WorkSpaces Web to provide secure access to the Neo Financial administrative portal

Founded in 2019, Neo Financial takes a digital-first approach to banking with its mobile app and website. Using Neo Financial credit cards, customers gain rewards at over 10,000 partner businesses throughout Canada. The company surpassed one million users in 2022, and has quickly grown to be an innovative alternative to brick-and-mortar banks. 

Neo Financial employees need secure access to the administrative portal to perform tasks like reviewing customer account details, verifying information, and resolving disputes. Because the portal contains confidential customer information, security is essential. Prior to implementing Amazon WorkSpaces Web, Neo Financial managed access to the administrative portal using VPNs, which created unnecessary complexity for employees. From an IT perspective, VPN management also tied up limited resources. Neo Financial needed a solution that would streamline user access to the portal, while reducing the load on IT staff and providing the highest levels of security. 

When Amazon WorkSpaces Web was announced at the AWS re:Invent 2021 conference, Neo Financial expressed interest right away. “AWS has a very broad range of fully managed, turnkey services,” says Eric Zaporzan, director of infrastructure at Neo Financial. “If we have a problem that we’re trying to solve, we go to AWS first.” While Neo Financial waited for the release of Amazon WorkSpaces Web in the Canada Central Region, the company’s IT staff set up subnets and a networking location, so it could quickly spin up a proof of concept as soon as the service was available. When Amazon WorkSpaces Web launched in the Canada Central Region in August 2022, Neo Financial rolled out the proof of concept to a small team first, providing feedback and learnings to the AWS account team. After seeing that the solution brought value to employees, Neo Financial implemented Amazon WorkSpaces Web across the business in December 2022, deploying to 250 active monthly users.

Solution | Reducing the burden of managing VPNs, while improving worker productivity

Employees who access the administrative portal using Amazon WorkSpaces Web can log on with a single mouse click using the company’s single sign-on (SSO) provider, instead of gaining access from a VPN. Prior to implementing Amazon WorkSpaces Web, Neo Financial found that new employees had difficulty using VPNs, which extended onboarding time. “Upfront, there were about 2–4 hours in time savings per user, using Amazon WorkSpaces Web instead of VPNs,” says Zaporzan. Neo Financial also sees benefits from using Amazon WorkSpaces Web because it enables employees to use their own devices. “It’s simpler for the user because they don’t need to install anything extra on a personal device,” says Zaporzan. “The ease of provisioning Amazon WorkSpaces Web also streamlines IT management.” 

Because Neo Financial no longer needs VPNs to provide workers with secure access to the administrative portal, their IT organization has fewer servers to manage and saves time onboarding and provisioning users. The team saves roughly 40 hours of infrastructure management time per year because it doesn’t have to manage patching, upgrades, and other administrative tasks on VPN servers. “We can handle tickets more quickly and do more with the same number of people,” says Zaporzan. “Because Amazon WorkSpaces Web is plug and play, our staff has more time to spend on other pursuits.” 

Using Amazon WorkSpaces Web, Neo Financial is advancing its Zero Trust initiative by granting users access to resources based on user-specific credentials, rather than relying on network access. With Zero Trust, Neo Financial reduces the risk of third parties gaining access to company data and infrastructure through a compromised, lost, or stolen device.

The company also uses session monitoring through Amazon WorkSpaces Web for investigative purposes. These features bolster security and help Neo Financial meet strict compliance requirements in the financial services industry. “Using Amazon WorkSpaces Web, we have fewer servers to manage and can use single sign-on to manage authentication across our business, helping us achieve our Zero Trust goals,” says Zaporzan. “All those factors help make audits simpler for the Payment Card Industry Data Security Standard (PCI DSS) and other compliance measures.” 

“Using Amazon WorkSpaces Web, we can maintain a high standard of security and privacy by keeping our customers’ valued data within the AWS Cloud at all times,” says Neil Stewart, director of cybersecurity at Neo Financial. “By keeping data off local machines, we can maintain strict role-based access within the virtual portal, and maintain full control of where the data resides—which is the basis for our Zero Trust approach.” 

Neo Financial received a lot of support from AWS, including help addressing feedback from users and dealing with tricky issues, like creating browser policies. “We had many productive meetings with the Amazon WorkSpaces Web team. They listened to the feedback that we had and addressed issues quickly,” says Zaporzan. “It was also helpful to have AWS support addressing issues that weren’t straightforward and needed a little more expertise to figure out.” 

Outcome | Positioning Neo Financial for future success using AWS Services

Neo Financial plans to continue pushing the envelope to deliver innovative features, functionality, and service offerings, so it can keep growing and remain a compelling alternative to other Canadian financial services companies. “We've been on AWS since the beginning, for basically all of our cloud needs, because of the reliability, security, and scalability,” says Zaporzan. “Using AWS, we can efficiently and securely scale as we continue to grow our business.”


About Neo Financial

Neo Financial takes a digital-first approach to banking in Canada with its mobile app, website, and competitive rewards program. The company surpassed one million users in 2022 and has quickly grown to be an alternative to traditional banking.

Benefits of AWS

  • Maintains a strong security and compliance posture
  • Simplifies the compliance audit process
  • Facilitates secure access to administrative portal without VPNs
  • Saves time for IT and infrastructure teams
  • Saves 2-4 hours per user during onboarding

AWS Services Used

Amazon Workspaces Web

WorkSpaces Web is a low cost, fully managed, Linux-based service, designed to facilitate secure browser access to internal websites and software-as-a-service (SaaS) applications from existing web browsers, without the administrative burden of appliances, managing infrastructure, specialized client software, or virtual private network (VPN) connections.

Learn more »


Get Started

Companies of all sizes across all industries are transforming their businesses every day using AWS. Contact our experts and start your own AWS Cloud journey today.