Tenebit, Well-Architected
The Challenge
Tenebit is a company that specializes in the implementation of digital transformation models in organizations, for which they design strategies and implement processes supported by the necessary technology to make the relationship with their clients more effective; These technological solutions (CRM and FieldSales) offered by the company are deployed in cloud infrastructure, to facilitate and improve the performance and scalability of the tool, for its clients.
Since Tenebit implemented this infrastructure – a few years ago – no evaluations or reviews have been carried out to determine the alignment between the changes made during the natural dynamism of the operation and the optimal architecture that Tenebit would need to operate in the best way, guaranteeing the security and performance of its solutions.
Strategy and Solution
Since security and reliability issues are the main objectives to be evaluated and reinforced for Tenebit, they decided to hire the services of Clouxter to execute a Well-Architected Framework Review (WAFR) on their critical productive load.
De todas las oportunidades de mejora encontradas en la revisión de la carga, se priorizaron actividades en 3 pilares de buenas prácticas de arquitectura: Seguridad, Fiabilidad, performance y Optimización de costos. These activities for the improvement of each of the aforementioned pillars, had the following scope:
Security
- Improve the management of user credentials and authentication; in addition to efficiently controlling programmatic access.
- Enabling AWS Secrets Manager services.
- Improve investigative detection of security events by activating AWS Config and Cloudtrail services; which allows the analysis of logs, findings, and metrics centrally.
- Additionally, the protection of data at rest is reinforced through the application of AWS Config rules and AWS KMS.
Performance
- Definition of performance requirements and considerations of compute options and required configuration, supported by the collection of related metrics.
Reliability
- Implementation of auto-scaling for core computing resources (Production) using the AWS Auto Scaling service.
- Provisioning Amazon CloudFront to optimize content delivery.
- Identification and establishment of an appropriate and reliable scheme for necessary backup copies, and the proper securing and encryption of copies.
- Establishment of a resource monitoring scheme.
Cost Optimization
- Definition of a clear and efficient scheme for Tenebit’s needs to monitor the use of resources and associated costs.
- Defining a labeling scheme and configuring cost explorer services. (AWS Cost Explorer).
Benefits
Security
Security is one of the great benefits obtained during this WAFR; This was achieved by implementing policies and reviewing permissions (both user and programmatic), activating services to securely safeguard and store sensitive access information.
Additionally, and as an action with greater coverage, the entire network layer and its components were reconfigured, to reinforce and improve perimeter security. The logging, alerts, and monitoring system was substantially improved; which gives Tenebit many more tools that allow them to detect intrusions, identify vulnerabilities, and mitigate any risks they may encounter.
Costs reduction
By establishing tagging schemes, plus configuring the Cost Explorer, Tenebit can have an efficient tool to review and analyze the costs and usage of your AWS resources; and in this way analyze the data and find savings in a timely manner.
Additionally, a detailed analysis was carried out to improve the performance of the infrastructure, where the oversized machines were analyzed and optimized (downgraded to a smaller type of machine) which managed to impact costs since the machines were adjusted.
Reliable Workloads
It was possible to jointly define strategies to identify and support component failures, improve the adaptability of changes in demand, and efficiently safeguard information. All this is through the applicability of elasticity in core loads; that are adjusted depending on the needs of the infrastructure. In addition to the definition and configuration of a backup scheme, for the preservation of your databases, in case of equipment failure or other catastrophes.
Experience
Thanks to the experience of the exercise, Tenebit has been able to quickly learn about the available services, their uses, and recommended practices, and in this way be able to replicate them in its other loads or adjustments and new deployments within its infrastructure. Additionally, this acquired experience allows them to visualize the potential risks of the business in a faster and more assertive way.
About Tenebit
Tenebit is a consulting company specializing in relationship programs (CRM), which identifies, implements, and launches specific strategies for the creation of customer-focused organizations.
They implement business solutions that enable companies and institutions to improve relationship processes with clients/patients/students, improve their competitiveness, and offer greater differentiation in service.
About Clouxter
At Clouxter we enable the adoption path and consolidate the cloud in organizations. Our focus is on DevOps, Migration, Security, and Analytics, providing the key pieces to have a great Cloud strategy. We have extensive experience in different industries such as Banking, Media, Fintech, Public Sector, ISVs and Startups.
We accompany organizations on this path and accelerate their adoption curve, covering the Definition, Planning, Implementation, and Operations of their solutions, through our Professional Consulting Services, Managed Services, and Local Billing.