About Customer
A leading investment holding company, the customer has over ten years of experience across information and communication technology distribution & services, outsourcing, consulting, and eProcurement. It focuses on simplifying the business for its clients through system integration, enterprise ICT, network security, radio network optimization, and more.
The Need for A Secure and Compliant Environment
The customer was looking for managed services support for securing their AWS environment and achieving CIS compliance. They wanted to continuously monitor their AWS environment resources and incidents, so that the security and compliance challenges, through automated alerts, can be proactively resolved. The key requirements of the customer included
- Cloud environment hardening
- Incident noise reduction
- CIS compliance score improvement
- Security and performance enhancement
The Solution
Blazeclan’s team of managed services experts conducted a detailed security assessment study of the customer’s environment. The requirements put forth by the customer were analysed and were met effectively as described below.
- Security-approved hardened Golden AMIs were created for the customer’s Amazon Linux 2 to ensure that the launches are in sync with the latest updates.
- Automated security and SSL certificate renewal has been put in place to improve the overall security of the customer’s cloud environment.
- CIS Compliance requests raised for S3 Bucket encryption, EBS encryption, eliminating unused EBS volumes were effectively resolved. Real-time monitoring and management of CIS compliance has upped the compliance score to nearly 80%.
- With continuous monitoring support, the incident noise reduction was achieved for the DB server where the customer was suggested to upscale the memory. The alerts that were once beyond threshold limit, 1200-1300 or above 85%, have been reduced to 250-300, thereby enabling cost reduction by saving the IT-man hours.
- By matching the instance size against workloads and performance requirements, a significant cost optimization was realized by the customer.
Benefits Achieved by the Customer
- SSL certificate renewal, S3 Bucket encryption, and creation of Golden AMI improved the overall security posture of the cloud environment.
- Reducing the incident noise and right sizing the instances against workloads, deleting unwanted EBS volumes, deleting unused DHCP option set resulted in a significant cost optimization.
Tech Stack
Amazon EC2 | Amazon S3 | AWS ElastiCache |
AWS ELB | Amazon RDS | Amazon VPC |
Amazon Machine Images (AMI) |