AWS Case Studies: Marketing Provider Starts with Secure Cloud Foundation

By Flux7 Labs
December 12, 2018

For scalable, secure AWS DevOps, it’s important to start on the right foot. For this reason, we were recently contacted by our client, a marketing solutions provider to more than 500,000 small businesses across America, to help with its cloud migration. The company wanted to bring Development, IT and Security under one umbrella, gain AWS skills and enhance security with a strong cloud foundation.

 

The AWS consulting services team immediately understood the marketing firm’s desire to build security into its new AWS environment. Indeed, security best practices are a built-in subset of our Security by Design approach. The teams agreed that a cloud landing zone would be an ideal solution to address its core development, security, and IT goals, giving it a solid foundation for its DevOps initiative moving forward.

 

AWS Architecture Best Practices

We addressed the marketing firm’s DevOps transition with three primary areas:

  • The company’s account concerns were addressed with an account factory that allows it to create multiple AWS accounts for the highest level of resource and security isolation. The account factory was coupled with IAM, applied applications of the principle of least privilege, and an Okta integration for secure identity management, single sign-on, and multi-factor authentication.
  • In addition, the cloud landing zone ensures that every AWS account that is provisioned is secure and auditable with CIS benchmarks. When coupled with an AMI factory, the team is able to create, verify and distribute AMIs that are standardized for compliance, providing DevOps security.
  • Advanced, secure VPCs were provided to the customer with Transit VPC, shared services VPC and a VPC factory.
  • The consulting and client teams worked together to install monitoring and logging with Amazon CloudWatch for event monitoring, AWS CloudTrail for logging and EBS Snapshots with Lambda and S3 for backups.

Last, we worked closely with the development, IT and security teams to teach them along the way the skills needed to configure and maintain their new AWS DevOps solution. The cloud landing zone deployed provides the marketing company with a fast and secure platform for its next steps on AWS, helping ensure they avoid common and potentially costly mistakes that can lead to security, scalability and other critical issues. Moreover, the solution provides important guardrails to enforce DevOps best practices and offers flexibility for continuous iteration and documentation of the platform through code. It also includes access control, appropriate processes, and logging for audit purposes.

 

To learn more about how this enterprise gained AWS and DevOps skills while improving its security, download the full case study today.

Technology is always changing. Stay in the loop with the Flux7 Blog