Fintech
GitHub Enterprise, >700 repositories
GitProtect Backup for GitHub Enterprise
No industry is safe from the threat of hacker attacks, and the financial sector has proven that much. And it’s not surprising, we are speaking about money, after all. From time to time we spot news in media headlines about hacker attacks on financial institutions and breached accounts. So, it’s evident that financial institutions and their operations need reliable and proven protection. Zoop's approach can be an excellent example of the best security practices for other companies, not only financial ones.
In this case study article, we will look at Zoop, a Brazilian fintech technology leader, and how this financial services giant uses GitProtect.io to ensure the security of its GitHub critical data. You will learn about the security challenges the company has faced and the actions taken to overcome them.
I can set up a backup plan and have a high level of confidence that it is going to work. I worked with other backup products for different IT services and never felt [until now] comfortable that the backup plan was going to work as expected.
Learn more
When we need to restore a repository, GitProtect brings speed, convenience and security to this process.
Learn more
The fact that the platform supports Jira, Confluence, and GitLab means that we have one single platform for our most mission-critical assets.
Learn more
With GitProtect.io we were able to bring all our Git repositories into backup compliance with the use of a single tool. Bonus points for Jira, we were only looking to backup Git, but we got Jira along with it!
Learn more
I like very much the possibility to back up from one environment [Bitbucket] and restore the repo to another environment [Bitbucket, GitHub, GitLab].
Learn more
With GitProtect, I now have the peace of mind knowing that my repositories are safe and secure, allowing me to focus on what matters most - building great software.
The fact that it automatically takes backup of crucial data is amazing. It is also compliant with SOC2 and ISO27K, making it easier for us to comply with local laws. And the fact that I can have a customized backup window is great.
The thing I liked most about GitProtect is its seamless and automated backup solutions, providing comprehensive data protection for various DevOps tools with unlimited storage capacity.
With GitProtect, setting up automated backups is a breeze no more sweating over manual processes. Plus, it's got your back when it comes to compliance, meeting standards for backups.
The backup feature is amazing I never have to worry about when it's going to back up because of the scheduling feature. The encryption feature is also exactly what my company needed.
GitProtect provides seamless integration with other version control systems like gitlab, github by simplifying the process of securing code repositories. Its alert system provides proactive protection against security threats.
So we use it on day to day basis to take backups of our GitHub and GitLab. Their team is very professional. We actually had person who setup an online meeting with us and helped us setup everything.
GitProtect makes super easy to backup our GitLab repositories, meeting all the compliance requirements that you can imagine. It ensures that the data is encrypted in transit and at rest, so all the source code is secure.
Backup solution that is most helpful for DevOps engineers and App developers where they are able to backup their Project files from multiple platforms such as GitHub, Bitbucket etc.
I am overwhelmed by the number of features available using GitProtect.
Zoop is one of the biggest fintech companies in Latin America. In 2021 the British magazine Daily Finance included this young company into the list of “the best fintech startups that bring innovation to the services of the financial system”. At the same time Fast Company mentions Zoop, a Rio de Janeiro-based fintech service, as one of the TOP 10 Most Innovative Companies in Latin America “for helping small businesses bank up.” The company processes 2 billion+ financial operations monthly with its instant payment system.
More than 300 employees are working and developing Zoop’s innovative financial technologies - Zoop Payments and Zoop Banking. The company uses GitHub Enterprise and GitHub Advanced Security under an Advanced Security license. It has around 700 repositories in its organization and approximately 160 users.
Zoop explains its service simply: it is a solution that allows companies from any segment to start operating as a payment institution, and Zoop has already helped 1k+ companies with it. Working through a White Label platform, the company develops technology for payment terminals and offers its partners software for POS and MiniPos terminals. Besides that, it also offers APIs for online payments and other functionalities to make all the process easier, like split, anticipation, etc. It performs the implementation via APIs which makes the operations simple and fast, optimizing the launch time of the service.
Working in the financial sector requires a lot of responsibility and attentiveness to security. Companies should follow strict internal regulations and security requirements, like SOC 2, ISO27K, GDPR, PCI DSS, SOX, and many others. Financial sector deals with money, so the companies need to build an authentic security plan following all those strict security standards, and backup is one of the necessary requirements. In short, due to very stringent legal and internal requirements, financial organizations can be regarded as the best benchmark when it comes to security - and Zoop's responsible approach is the best example of this.
Thus, Zoop faced its biggest challenge - to have all its repositories and metadata backed up with an easy and fast restore model. Moreover, they needed to keep its environment always up to date and maintain only what is really productive.
First, Zoop considered backup of GitHub repositories as a necessary security measure. Though, later another reason appeared - compliance. We all know that GitHub repository backup is one of the major requirements of passing Security Audits. Even while GitHub is thought of as a very reliable git hosting service provider, it’s not a secret that it can experience outages and crises. Let’s just look at the track of GitHub-related most severe security incidents of 2022
The company started to build its backup strategy on its own - the security engineers manually backed up each repository and stored them on Google Drive and its company S3. For a while this solution worked well, but it needed a lot of manual maintenance, as the company needed to authorize somebody from the team to write and perform this manual process of backup. And here a certain concern arose - this approach could lead to limited DevOps team resources and high long-term costs.
So, Zoop understood that it needed an automated backup solution. The company required the tool that would bring the ease of use - would provide with the possibility to create several backup plans according to the organization’s needs and would ensure a fast and efficient restore process.
Eventually, the company’s security engineers started looking for a more reliable GitHub backup solution and that's how our joint journey began.
Searching for a tool that would permit creating automated custom backups for its GitHub environment, Zoop’s team discovered GitProtect.io. After a careful analysis of this DevOps backup and recovery software, they understood that GitProtect.io was the most adherent tool to what they wanted for the reasons of functionality, practicalities, and values. And most importantly - it would let developers focus on generating growth and limit manual backup maintenance costs.
The process of adopting the backup solution was easy as GitProtect.io´s Sales Team treated Zoop´s during POC with special attention and was always ready to respond and help. It supported the fintech team with all the concerns they have - the process of assigning the company’s own S3 bucket, setting a flexible backup scheduler, rotation schemes (Custom and GFS), and versioning.
As a result, Zoop no longer needs to make manual backups to Google Drive. It can automate the process and create multiple backup plans - stored either on their own S3 storage or on free GitProtect Cloud Storage included in the license. The ability to have several storages also allows them to replicate efficiently.
GitProtect.io is a leading maintenance-free GitHub Backup and Disaster Recovery software. Thanks to the numerous years in the field of backup (GitProtect.io is a product of Xopero Software ), the backup solution has taken only the best traditional backup technologies and managed to build a reliable protection for repositories and metadata.
Let’s look at some of the key technical features that allow GitProtect.io to solve the problems Zoop has faced.
Zoop’s stores its data in the cloud, so it’s vital for the company to have all their data encrypted and stored in unexecutable form. Backup is a final line against ransomware attack, and AES 256 encryption is one of those standards that helps to boost security of critical data. Keeping that in mind, the solution not only provides Zoop with encryption in-flight and at rest, but goes a few steps ahead - it permits the company to create its own encryption key.
Not without significance for the company was the fact that the GitProtect team successfully passed the most important security audits, such as SOC 2 and ISO 27001 ensuring them with security, availability, processing integrity and confidentiality.
The goal of any backup solution is to ensure business continuity in the event of a disaster. In the case of DevOps tools, it is also important to maintain an uninterrupted workflow and eliminate any downtime in the team's work. As a reminder, Zoop's goal was to find centralized and complete backup of all repositories and metadata that ensures them with the possibility of a reliable, effective, and extremely fast restore.
In particular, Zoop verified the possibility of immediate, granular restore of repositories and metadata from any point in time for the possible daily operations needs and Disaster Recovery technologies to prevent them from major failures, such as GitHub outages.
With this solution, Zoop gained Disaster Recovery technologies prepared for every possible scenario. In the event of a failure, they can instantly restore their environment to the same or a new GitHub account (cloud to cloud or from cloud to self-hosted and conversely), to a local machine, or even cross-over to another git hosting service, like Bitbucket or GitLab.
In a nutshell, GitProtect provides Zoop with custom, recoverable backups from any point in time. With granularity, it helps them perform an instant restore of only chosen repositories and metadata for daily operations. Finally, any disaster-scenario-ready DR technologies ensure Zoop and its customers with the reliability and security of their DevOps data protection processes.
The final results of GitProtect.io backup and recovery tool adoption turned out to meet all Zoop expectations and allowed them to solve their challenges in terms of security, automation of data protection, and instant, proven recovery.
GitProtect.io helped Zoop to resolve issues with decentralized and incomplete backups, and to ease compliance with certain security audits and GitHub's Shared Responsibility Model. The team was a totally transparent partner in this process, helping them on each step of DevOps backup adoption.
Repositories with metadata, including issues, merge requests, hooks, keys, wiki and more.
