Practices used
AWS services involved
  • Amazon CloudFront
  • Amazon VPC
  • Landing Zone
  • VPC Flow Logs
Turning Legacy into Innovation: Advanced Networking and Landing Zone Setup for cutting-edge Fintech solutions.

PayDo is an Italian startup active in the fintech world. It is involved in the development of a suite of services offered to Banks, Payment Institutions, and Companies aimed at digitizing, modernizing, and simplifying takings and payment processes.

PayDo chose beSharp as AWS Premier Consulting Partner to implement an advanced networking system based on the Amazon Web Services services allowing secure and efficient connections with partners’ tools and low latency for a better customer experience, always in accordance with the governance and compliance rules of the finance sector.

The Challenge

  • Reduce public endpoints to the minimum, secure them, and effectively and constantly control all the incoming requests.
  • Allow private, and secure communication with both internal AWS services and third parties database services.
  • Implementing custom Advanced networking solutions to be used for VPN setup, and traffic centralization in order to allow integrations with partners’ services.

The Solution

  • A secure and well-balanced traffic distribution between computing resources has been achieved thanks to the use of AWS WAF e Application Load Balancer. Amazon CloudFront, together with globally distributed Edge Locations, was also involved for low-latency content distribution.
  • VPC peering and enforced in-transit encryption based on TLS protocol were used to enable private communication towards third-parties tools hosted on AWS.
  • A solution involving features like in-transit VPCs, private NAT Gateways, and AWS PrivateLink was deployed in order to correctly route traffic to different services and partners.

The benefits


By limiting the number of public endpoints available and taking advantage of AWS managed services, it was possible to reduce the possibility of malicious attacks so that risks have been decreased and the overall security posture has been increased


By taking advantage of the AWS internal network and services, it was possible to avoid problems related to public internet reliability.


Exploiting the Hub-and-Spoke model instead of the Many-to-Mesh one, service usage costs have been reduced by 20%. Also, this took to easier management of the network configurations.

About beSharp and AWS

beSharp worked with PayDo to design and implement an advanced Networking system able to meet the customer’s interoperability needs, going beyond the limits of legacy systems typically used in the finance world.

Also, governance and compliance constraints were met thanks to careful design. Through an on-the-job training approach, the beSharp Cloud Experts have made PayDo’s technical teams autonomous in the management of the new environment, enabling them to evolve the infrastructure supporting the business growth.

Thanks to a state-of-the-art design, in line with AWS best practices and with the AWS Well-Architected Framework pillars, PayDo has obtained a secure, resilient, scalable, and easy-to-maintain infrastructure, significantly reducing time-to-market and offering its end customers increasingly cutting-edge solutions.

Case Study

Discover more success stories

Gen-AI-powered next-generation Planner
View more


Made in Italy Delivered at the speed of the cloud.
View more


Cloud infrastructures for a rapidly evolving start-up.
View more


Call us, write us, come and meet us!

beSharp contattaci