POS Malaysia's AWS Excellence: Enhancing Security, Reliability, and Cost Optimization

  1. Home
  2. >
  3. Case Study
  4. >
  5. POS Malaysia’s AWS Excellence:...

type: Case study


Executive Summary

Pos Malaysia is the national courier service provider and sole licensee for universal postal services in the country, delivering to more than 10 million addresses across the nation. With a track record of over 200 years, the Pos Malaysia Group has progressed from a traditional postal service into a dynamic mail and parcel services, financial services and supply chain solutions provider with the largest delivery and touchpoint network in Malaysia. Pos Malaysia’s Integrated Parcel Centre (IPC) was upgraded to process over 300,000 items a day. With the growing demand, Pos Malaysia incorporates various technologies to deliver several services to its customers and to realize its vision, “We deliver. We connect. We improve lives.”


•  IAM User best practice: POS Digital account has IAM users and wanted to improve their security posture in terms of IAM users, password policy, temporary access, secrets manager etc by implementing best practices to protect against unauthorized access across the cloud environment.
•  Automation: POS Digital account wanted to have a reliable platform with a modernized environment by leveraging AWS cloud-native services with higher fault isolation.
•  Reliability: POS Digital account’s objective is to enhance their testing process to validate the multi-deployment strategy along with the auto-scaling group to minimize the peak load performance.
•  Higher Availability for Application Recovery: POS Digital account wants to improve its application resiliency with multi-account strategy with a disaster recovery plan.

AWS Best Practice Recommendations Implemented

Security Pillar

•  Enable IAM key rotation for more than 90 days.
•  Configure password policy to match organization standards.
•  Implement AWS Secrets Manager in SSM parameter.
•  Enable IMDSv2 to secure EC2 instances where IAM roles are enabled.

Reliability Pillar

•  Enable multi-account strategy to plan for DR setup.
•  Enable auto healing layer by leveraging AWS Autoscaling group for business-critical instances.
•  Enable Route53 for more control over the data plane.

Performance Pillar

•  Enable metrics for infra and app layer with application insights to have more control of all layers.
•  Use AWS Config to have a proper audit of all the resources.

Customer Outcomes

•   Improved Security: The POS Digital account has enabled security posture across the environment in terms of MFA and IAM best practice and have enabled IMDSv2 to protect all the EC2 instances.
•   Enhanced Reliability: POS Digital account enabled auto-scaling group with a highly reliable environment. And customer has performed distributed load testing using Apache JMeter.
•   Cost Optimization: AWS Compute Optimizer has been enabled to have more control over the rightsizing of resources and addressed RI instances for better cost optimization.
•   Security Standards: End-to-end monitoring has been enabled on both the infra and app layer with application insights. Also tested some canary scripts for Synthetic monitoring on the web layer.


The POS Digital account has made significant enhancements across multiple fronts in its AWS environment. These include improved security through the implementation of Multi-Factor Authentication (MFA), adherence to IAM best practices, and the deployment of IMDSv2 to safeguard all EC2 instances. Additionally, the account has bolstered reliability by establishing an auto-scaling group for a highly dependable system, validated through distributed load testing using Apache JMeter. Cost optimization efforts have been prioritized by enabling AWS Compute Optimizer to fine-tune resource allocation and address Reserved Instances (RIs) for cost efficiency. Lastly, security standards have been elevated with end-to-end monitoring spanning both infrastructure and application layers, aided by application insights and the introduction of canary scripts for synthetic monitoring at the web layer to proactively identify and address potential issues.

About Minfy

Minfy Technologies is a Cloud Native System Integrator helping enterprises, start-ups and fast-growing businesses navigate digital journeys leveraging AI & Cloud technologies. We assist our customers in accelerating Digital Transformation, Cloud Adoption and Innovation. Our transformative services include Cloud Consulting, Migration & Legacy Modernisations, Cloud-Native Application Development and DeepTech implementations while offering reliable and world class 24x7 managed services.

Reach out to us for a better world

Minfy has a repository of learnings, competencies and an enviable track record of meeting customer needs. Advice and service, solutions and responsiveness work in tandem. Begin your cloud journey, accelerate it or optimise your cloud assets. Experience business impact.

This website stores cookie on your computer. These cookies are used to collect information about how you interact with our website and allow us to remember you. We use this information in order to improve and customize your browsing experience and for analytics and metrics about our visitors both on this website and other media. To find out more about the cookies we use, see our Privacy Policy. If you decline, your information won’t be tracked when you visit this website. A single cookie will be used in your browser to remember your preference not to be tracked.