Jemena

Modernising Customer Experience with a Secure AWS-Based CX Portal

Consolidating legacy platforms into a unified, scalable, and resilient customer-facing portal

Challenge

Jemena, a major utility provider, needed to replace two fragmented legacy platforms—the Gas Distribution Portal and the Outlook Portal—with a unified customer experience (CX) portal. These outdated systems resulted in inconsistent user experiences, disjointed service processes, and high operational overhead. The goal was to provide a modern, intuitive platform capable of serving residential, commercial, and high-density users while integrating securely with core enterprise systems such as SAP and Westpac.

Key Issues

  • Fragmented User Experiences and Inconsistent Navigation Across Legacy Platforms – The two existing customer-facing portals—Gas Distribution and Outlook—offered disjointed user interfaces with varied user journeys and branding. This led to confusion for customers navigating between services, negatively impacting satisfaction and increasing support overhead.
  • Manual Service Request Handling and Disconnected Payment Workflows – Customer service processes, such as lodging requests, submitting documents, or processing payments, were largely manual or semi-automated. This resulted in operational inefficiencies, slower resolution times, and higher risks of human error. Payment workflows lacked integration with backend financial systems, introducing reconciliation challenges.
  • No Unified Identity and Access Control Model – Each legacy platform had its own access control mechanism, leading to inconsistent enforcement of authentication policies and an inability to offer a single sign-on experience. The lack of centralized IAM increased the risk of unauthorized access and made audit and user lifecycle management difficult.
  • Siloed Backend System Integrations – Critical enterprise systems like SAP and Westpac were either partially integrated or not integrated at all with the portals. This caused delays in data synchronization, duplicated data entry efforts, and made real-time insights and automation infeasible.
  • Low Scalability and Fault Tolerance in Existing Infrastructure – The prior setup was not built to scale elastically with user demand. Infrastructure lacked fault-tolerant design, exposing the platforms to risks of downtime during high-traffic periods or Availability Zone failures. This also constrained Jemena’s ability to support future growth or expand digital services.
  • Compliance Risks Due to Inconsistent Encryption and Logging – The legacy architecture lacked standardization in applying encryption at rest and in transit, exposing customer and operational data to compliance risks. Logging was inconsistent across platforms, limiting observability, auditability, and the ability to respond to incidents in a timely and forensically sound manner.

Solution

Versent partnered with Jemena to architect and implement a secure, serverless AWS solution for the new CX Portal using DevSecOps principles and human-centred design (HCD). The application was developed using React, deployed across four environments (DEV, E2E, QA, PROD), and isolated by AWS accounts for operational separation and security.

The architecture leveraged multi-AZ VPCs in the Sydney region to ensure high availability. Key AWS services included API Gateway, Lambda, CloudFront, Route 53, Secrets Manager, KMS, and AWS Network Firewall. The solution was deployed using GitLab CI/CD pipelines, with infrastructure and security automated end-to-end.

Resilience and elasticity were built into the architecture:

  • Lambda and API Gateway handled elastic scaling for varied traffic loads
  • NAT Gateways and Route 53 health checks ensured multi-AZ failover
  • CloudFront edge caching optimized performance for end users

Security and compliance were embedded across the platform:

  • Least privilege IAM roles and permission boundaries in CI/CD
  • Data encryption in transit and at rest using TLS and KMS
  • Monitoring and traceability via CloudTrail and X-Ray
  • Alignment with CIS 1.4 benchmarks and periodic Well-Architected reviews

As Part of the Process, We

  • Unified Disparate Legacy Systems into a Modern, Scalable Portal – Replaced the outdated Gas Distribution and Outlook portals with a single customer experience platform that delivers consistent functionality and branding. The unified solution supports multiple customer segments—residential, commercial, and high-density—on a single codebase and architecture, enabling streamlined service request handling, document management, and payment workflows.
  • Automated Infrastructure and Application Delivery Using CI/CD and IaC – Established fully automated CI/CD pipelines using GitLab to deploy infrastructure and application code. Terraform and AWS CDK were used for infrastructure as code, enabling environment parity, version-controlled deployments, and rapid, low-risk releases across development, QA, and production environments.
  • Engineered Fault-Tolerant Architecture Spanning Three Availability Zones – Architected the solution with high availability in mind by distributing all critical services—including Lambda, API Gateway, NAT Gateway, Network Firewall, and Route 53—across three Availability Zones in AWS Sydney. This ensures zonal isolation and continuity of service during outages or maintenance events.
  • Integrated with Core Enterprise Systems via Secure and Scalable APIs – Built custom API integrations with back-end systems such as SAP for customer data and billing, and Westpac for payment processing. These integrations are secured with IAM roles, API Gateway throttling, and encrypted communication using TLS, ensuring secure, real-time data exchange.
  • Embedded Compliance, Observability, and Governance from Inception – Ensured the architecture met CIS 1.4 benchmarks and internal governance standards by embedding compliance tooling like AWS Config, CloudTrail, and Security Hub. Observability was achieved through CloudWatch, X-Ray, and structured logging, allowing full traceability and rapid incident response.
  • Adopted DevSecOps Practices for Secure, Rapid Delivery – Integrated security at every stage of the software delivery lifecycle—static code analysis, secret scanning, and pipeline-level IAM permission boundaries were implemented in CI/CD workflows. This reduced vulnerabilities and bottlenecks while ensuring secure and compliant releases.

Outcomes

Jemena now benefits from a highly resilient, scalable, and secure customer experience platform. The architecture supports future digital services with confidence in operational continuity, compliance, and cost efficiency. Customer satisfaction and operational efficiency have improved significantly.

  • 3x improvement in customer task completion speed
  • Zero downtime deployments enabled through CI/CD automation
  • 99.99% availability across all core components due to multi-AZ design

Share