AWS cloud infrastructure security is crucial for the Ed-tech industry to secure academic materials ensuring access only to the right people. Securing personal data of students and job applicants is also critical.
Summary:
A leading career upgrade brand by Edutech giant (hereby referred to as customer) is focused on helping working professionals develop careers via online learning, tests and job opportunities.
Challenges:
Customer had infrastructure set up on AWS cloud however AWS security best practices were not implemented.
Solution:
Comprinno with its thought leadership offered by AWS certified Security Specialists, built a secure AWS cloud infrastructure adhering to AWS security best practices.
Below were the highlights of the secure infrastructure solution:
- Separate AWS accounts for production and non-production environments set up via AWS Organization.
- VPC architecture for a new environment with public and private subnets.
- EC2 instances, RDS, Redshift and Lambda function migrated to private subnet.
- Enabled Multi Factor Authentication (MFA) for root account.
- Migrated IAM users to AWS Single Sign On (SSO).
- Enabled data encryption at rest for EBS volumes and AWS S3 buckets.
- Enabled logging for application load balancers.
- Enabled CloudTrail and Guard Duty.
- Alarms for root credential usage and unauthorized access.
- IaC code using Terraform for creating infrastructure was used.
Benefits:
- A secure infrastructure with restricted public access was created on AWS cloud.
- Separating production from non-production environments avoided inadvertent access to the production region.
- Alerting for unauthorized access enabled quick response.
- IaC brought in faster speed and consistency in deployment of infrastructure.
Want to know more about how we can secure your infrastructure? Contact us and trust us to provide you a secure cloud environment.
Copyright 2022