AWS Landing Zone Significantly Optimizes Cloud Environment

About Customer

The customer is a leader provider of life insurance, medical insurance, general insurance, and other employee benefits products across the SEA market.

The Challenge

The customer commenced planning its AWS cloud migration journey in early 2019. They were already using AWS cloud for Data Lake operations, although everything was included in a single account. The customer partnered with Blazeclan for a thorough assessment of their current environment and prepare for future expansion on AWS cloud. Blazeclan proposed to setup a secure landing zone as the first step.

One of the main purposes to create a fresh new Landing Zone was to bring a greater control over security and access management. The customer wanted to use as many native services as possible to ensure proper segregation of duties along with the use of existing authentication mechanisms. Blazeclan’s security team was actively involved in the assessment of their on-premises user roles, policies, and privileges, using the information gathered in the assessment to design the security of the Landing Zone in a scalable and resilient manner.

The Solution

After careful review of the security requirements, Blazeclan proposed a multi-fold approach to support the customer and help them achieve their desired outcome.

Landing Zone Security Design and Implementation

One of the most important areas that needed to be studied while setting up the Landing Zone was security design and ensuring that the right level of user access and monitoring of traffic inflow & outflow is accomplished. The Landing Zone was based on the concept of segregation of duties and creating accounts based on the roles they are designed to perform.

The Multi-Account Strategy

Based on the principle of segregation of duties, following accounts were created in the landing zone.

Organization account
Security account
Shared services account
Logging account
Workload accounts for non-production as well as production workloads

Benefits Achieved by the Customer

Optimized Cloud Environment: The security design of the foundation ensured a scalable and secure cloud environment, which was ready for expansion without further rework in the design.

Staying Ahead of the Security Curve: The customer aimed at staying ahead of the technology and the solution supported them in building secure frameworks for future cloud deployments. The customer was also able to leverage the emerging security technologies.

Automated Security: Automating their security operations and integrating them into the customer’s deployment pipeline allowed application teams to scale their pace of deployment without compromising the overall security of the application.

Tech Stack

AWS CloudTrail	Amazon Guard Duty	Amazon CloudWatch
Amazon API Gateway	AWS IAM	AWS WAF
Amazon VPC	AWS KMS	AWS Config rules
AD Connector	AWS Lake Formation	AWS Landing Zone

Categories

Migration & Deployment, Security
Service Tags

AWS Cloud, Cloud Migration, Cloud Security, Security

Cloud Consulting, Strategy, and Migration

DevSecOps

Cloud Security Engineering

Application Assessment

Cloud Native Application Development & Testing

SaaS Product & Platform Development

Data Strategy

Data Governance and Engineering

Advanced Analytics

Cloud Governance & Reporting

Cloud Discovery & Optimization

DevOps Transformation (DoT)

cAssure

cSecure

SaaS Factory Model

BlazePulse

cSaver

Cloud and Platform Modernization

Cloud Security Operations

Conversational AI

Application Maintenance & Enhancement

Application Modernization

Managed Analytics

BI Modernization

Cloud Managed Services

How Analytics Helps Businesses Better Serve their Customers

Building Capabilities of Incident Response/Disaster Recovery on the Cloud

Impactful Cloud Computing Trends to Look For in 2022

Cloud-based End-to-End System Helped Feed Ontario Achieve ~60% Operational Optimization

Azure Cloud Hosting Enabled Etek to See ~40% Performance Improvement in their Website

Cloud Migration Helped Customer Achieve Uniform Platform and Reduce Rollbacks by Over 60%

Ebooks & Whitepapers

Augment Your Deployment Velocity With Terraform

Back to Business as Usual - Rightsizing Your AWS Cloud Cost

Call Us

Email Us

Financial Services

Banking & Insurance

Media & Entertainment

Telecom

Technology

About Us

Our Leadership

Customer Speaks

Strategic Partners

OneClan Life

Clouditects

Work With Us

Thought Leadership

Awards and Recognition

Media Coverage