Migam and a Multi-layered Strategy for Security and Digital Resilience
Deployment date: 2025
Sector: technology
Google Cloud
Migam required an environment that met the highest security standards, enabling collaboration with entities in the most heavily regulated economic sectors. OChK conducted a comprehensive security assessment of Migam's Google Cloud and Google Workspace environments and subsequently implemented key recommendations. Additionally, OChK developed two critical procedures: Business Continuity Planning (BCP) and Incident Response (IR). As a result of these initiatives, Migam now possesses a properly secured environment backed by a comprehensive, multi-layered cybersecurity and operational resilience strategy.
About Migam
Migam is a Polish startup that enables private organizations and public institutions to effectively serve deaf customers and meet legal accessibility requirements. The company's flagship service, The Migam Interpreter, provides an instant video connection with a professional Polish Sign Language (PJM) interpreter, accessible via a web browser on any device equipped with a camera. To date, Migam has handled over 500,000 video calls, and its solutions are used by more than 2,000 companies and organizations across various industries. The company also offers translations of documents, films, and television programs into sign language. For several years, Migam has been developing its groundbreaking Migam AI technology—an automated, AI-driven sign language translation tool that converts video to text and text to video in real time. Ultimately, Migam AI aims to support 30 sign languages and scale globally.
Challenges
Compliance with High Security Standards: The need to align the cloud environment with the rigorous security standards dictated by the DORA regulation. In light of an upcoming partnership with a financial sector entity, Migam sought to ensure its solution complied with cybersecurity requirements, specifically regarding security and log monitoring for mail and server services. This also involved developing business continuity planning and incident management procedures to quickly and effectively resume critical operations following a potential outage, as well as to respond to any security breaches.
Maintaining the Tech Stack: Migam’s proprietary system is built on Google Cloud components; therefore, it was crucial to maintain the existing core technology stack.
Migam needed a partner capable of providing comprehensive and multifaceted support. The expectations covered both cybersecurity and compliance, as well as technological optimization through the implementation of key recommendations. OChK’s experience in these areas and the wide range of services it offers were the deciding factors in its selection as the project partner.
Solution and implementation
To help Migam reach its goal, OChK experts designed and executed a comprehensive security assessment of the Google Cloud and Google Workspace environments. Key recommendations were then implemented based on priority levels. The project addressed critical areas such as employee access to IT systems, change management, and security monitoring. Key technical steps included: configuring the Alert Center in Google Workspace, configuring Security Command Center in Google Cloud, implementing Microsoft Intune and Microsoft Defender for Endpoint, migrating web applications from Firebase Hosting to Cloud Run and deploying Cloud Armor.
The process was augmented by the development of two major procedures:
Business Continuity Planning Procedure: To ensure the uninterrupted delivery of the online sign language interpreter service and protect the underlying resources.
Incident Response Procedure: Aimed at restoring normal operations swiftly following a security breach and minimizing damage through containment, remediation, and post-incident analysis.
Throughout the project, OChK experts conducted workshops to transfer cloud know-how and provide Migam’s team with deep insights into the implemented security measures.
Technologies used
Google Workspace
Alert Center
Security Command Center
Microsoft Intune
MS Defender for Endpoint
Google Cloud Run
Cloud Armor
Results
By implementing the recommendations from the Google Cloud and Google Workspace assessment, Migam now operates in an environment with a security posture that permits collaboration with the most heavily regulated sectors.
Security mechanisms such as Cloud Armor, Alert Center, and Security Command Center provide a first line of defense against DDoS and web attacks (WAF), offer a centralized view of resources, and enable proactive security posture management across both cloud environments—from infrastructure to user activities.
Simultaneously, the combination of Microsoft Intune and Microsoft Defender for Endpoint creates a unified platform to secure all devices, enforcing compliance and actively responding to advanced threats.
This technology, paired with robust business continuity and incident management procedures, forms a multi-layered strategy for cybersecurity and operational resilience. This ensures Migam is prepared to quickly resume operations after a disaster and effectively respond to disruptions.
The cloud assessment significantly increased the company's security maturity while addressing DORA requirements.
We were looking for a partner who would not only audit our environment but also help us implement specific changes and build a long-term security strategy. OChK met these expectations perfectly. We particularly value their holistic approach—from the Google Cloud and Workspace assessment to implementing recommendations and developing business continuity and incident response procedures. As a result, we can confidently enter partnerships with financial sector entities, certain that our environment meets the highest security standards.
Arkadiusz Poński
CTO, Migam S.A.
What are your challenges?
Let's face them together!