Cynthia Lawton

03.10.2020

Business Challenge

Decisely is a benefits brokerage and HR services firm specializing in integrated technology solutions for small business. The company provides turnkey solutions from recruitment to retirement for brokers, franchises, and associations.

Decisely operates multiple workloads supporting these business function in AWS cloud infrastructure. The company originally contacted Lightstream to discuss financial optimization to keep costs in check as the company’s AWS environment grows.

Although Decisely had a relatively low monthly spend (<$10,000/month), its IT staff was concerned about potential future overspending in the RDS and EC2 environments.

Solution

 Lightstream proposed Cloud Managed Services (CMS) for AWS, a flexible pay-as-you-grow service that offers tools, training, expert advice, and support for both AWS and Microsoft Azure infrastructure.  CMS encompasses optimization across security, financial, technology, and operations management functions of the cloud environment. CMS customer can choose from three service tiers to address their specific needs:

      • Platinum: Build – Adds a certified Lightstream cloud engineer to a client’s workforce.
      • Gold: Advise – Lightstream reviews the client’s environment and advises its staff on an ongoing basis.
      • Silver: Enable – Lightstream equips clients with state-of-the-art tools, training and periodic reviews.

Decisely opted for the Gold tier to address its cost concerns. CMS’s Lightstream Connect provides visibility on how AWS resources are allocated and offers a consolidated view on orders, service inventory, and usage and provides comprehensive analytics across all aspects of the environment.

Lightstream compiled analytics from Lightstream Connect to assess Decisely’s Reserved Instance (RI) contracting to determine the most optimized RI contracting decisions.  The results were immediate:  Decisley benefitted from a 38% cost reduction for EC2 and a 32% cost reduction for RDS.

Based on this success, the company began working with Lightstream’s certified cloud engineer on an ongoing basis for monitoring, analysis, and targeted advice on AWS security, finance, technology and operations management.  Using advanced tools from CloudCheckr and CloudHealth, the Lightstream engineer identifies gaps in security, compliance, and configuration, then analyzes and presents the data into prioritized actions plans based on best practices to optimize the environment using industry leading technologies.

Summary of Results:

      • Compliance
        • Improved compliance by 26% across 35 standards, including PCI, DDS, HIPAA, NIST 800-53, NIST SP 800-171, SOC2 and more
      • Cloud log intelligence
        • Created procedures to review VPC flow logs with SNS notification
      • Configuration and changes
        • Implemented and aligned AWS accounts to best practices
        • Implemented AWS Config to assess, audit, and evaluate AWS resource configuration
        • Implemented AWS CloudTrail to track user activity and API usage
      • User permissions
        • Eliminated root account use in favor of least-privilege security model
        • Implemented multi-factor authentication
        • Eliminated direct user permissions in favor of role-based access control model
      • Cloud perimeter
        • Verified and mitigated S3 bucket public-access management
        • Audited and remediated structure of security groups containing potentially dangerous ports or rules
        • Eliminated waste VPCs, ACLs and Security Groups 

Business Outcomes

Thanks to Lightstream’s Managed Services, Decisely has accelerated the security and optimization of its cloud infrastructure in only a couple of months. The company now has access to a team of highly trained and certified cloud and security experts, has eliminated the need to hire additional staff, and benefits from the OPEX advantage that managed services provides.

Working with Lightstream, Decisely has identified and remediated several key security vulnerabilities, technically optimized applications, improved compliance, and cut more than one-third of cloud infrastructure costs. More important, Lightstream has helped Decisely align its cloud infrastructure to support its aggressive growth plans into the future.

What the Customer Had to Say

“In only a few months, Lightstream helped us identify and remediate several security vulnerabilities, improve compliance by 26%, technically rightsize applications and cut our cloud spend by 35%.”

– Richard Mann, chief product officer, Decisley

 

SHARE