Enhanced security & performance for Kotak Securities’ digital trading platform
DRUPAL 7 UPGRADES
PLATFORM MANAGEMENT
SECURITY & PERFORMANCE UPGRADES
Client Overview
Kotak Securities Limited (KSL), a subsidiary of Kotak Mahindra Bank, is one of India’s largest full-service stockbroking firms catering to retail and institutional investors across all segments of the capital market. With 27 lakh customer accounts, 153 branches, and 1332 franchisees, KSL caters to customers from 361 cities across India.
https://www.kotaksecurities.com/
Project Overview
As a stock broking company, offering a performant and secure portal was paramount. KSL’s digital trading platform was running on the old Drupal 7 version which impacted their performance and security. We partnered with KSL to enhance their site performance and security. We performed Drupal core and contrib module upgrades with the latest security patches. These upgrades were performed with minimum downtime.
Faster page loading time
Drupal contrib modules updated
Downtime reduced from 6 hours to 2 hours
Client Requirements
To ensure zero vulnerabilities & performant portal the client required:
-
Upgrading all Drupal 7 contrib modules, core, and security patches.
-
Improve the performance by reducing the page load time
-
Upgrade PHP and Apache server versions
-
Ensure minimum downtime
-
Due to security concerns, we couldn’t leverage any third party or open source plugins
Our Tech Consulting
QED42 proposed the following changes:
-
Drupal 7 core version upgrade
-
Upgrade the contrib modules & security patches
-
Upgrade to PHP 7.3
-
Upgrade Apache 2.2 to Apache 2.4
Our Solutions
Kotak Securities' digital trading platform hadn’t been updated for several years, this led to poor performance and high vulnerability toward security threats.
Audit
We audited their code base and checked for security update compatibilities. The audit indicated that we were required to update the Drupal 7 version and their current PHP version to accommodate the security patches.
Drupal 7 core and contrib modules
The Drupal community releases security updates, bug fixes, and new features regularly. We updated KSL’s Drupal 7 core along with 15 contrib modules to ensure that the digital trading platform was up-to-date with all security patches and that the modules operated seamlessly.
Upgrading Apache server
KSL’s portal used the Apache 2.2 web server. Apache is the most commonly used web server for Drupal. However, the Apache 2.2 web server has a lot of vulnerabilities and thus we upgraded KSL’s Apache server to 2.4.
Upgrading PHP 5.3 to PHP 7.3
The minimum recommended PHP version for Drupal 7 was PHP 7.2.x. KSL’s digital trading platform was operating on the PHP 5.3 version whose support had ended on June 3, 2019. Beyond security considerations, KSL’s portal was missing out on the significant performance improvements that come with the newer versions. Our team upgraded the PHP version to 7.3, which not only comes with security enhancements but also huge performance gains.
Minimum downtime
Since the KSL portal acts as a digital trading platform and is used extensively by around 27 lakh customers for equities, derivatives, mutual funds, margin trade funding, depository services, and third-party products like insurance. In order to cater to this large influx of users, the client required all the upgrades and enhancements to the portal to happen with minimum downtime. QED42 considerably reduced the downtime from 6 hours to less than 2 hours and ensured that the portal was up and had minimum impact on end-users.
Business Outcomes
-
Enhanced security for Kotak’s digital trading platform by eliminating all vulnerabilities and upgrading the security patches.
-
Enhanced the performance by improving the page load time by 20%
-
We ensured minimum downtime in order to offer a seamless experience to their end-users
We upgraded the Drupal core and contrib module with the latest security patches to ensure that KSL’s digital trading platform was secure and stable.
Technology Stack
Build infinitely scalable applications.
