Case study: Scaling & Infrastructure Modernization for Masterfully

Challenge

Masterfully is on a mission to provide an unmatched variety of study tools to fit all learning needs. With decades of eLearning experience, they develop solutions for maintaining quality training while continually adapting to new skillsets.

Their revolutionary platform, Advisor Plus, was developed by course authoring professionals, to make creating engaging, quality content simple. Advisor Plus allows companies to seamlessly create testing, training and onboarding programs specific to their unique tech stack.

Facing a period of significant growth and expansion, Masterfully had the need to evaluate its AWS infrastructure, security and compliance posture, and platform scalability ahead of onboarding a large new customer. Masterfully enlisted the help of BUILDSTR for both the design and execution of changes to help its environment meet stringent security, governance and compliance requirements as well as scale orders of magnitude.

Solution

Leveraging the AWS Well-Architected security design principals, BUILDSTR put in place a robust and well-documented framework for improving the security, compliance, and governance posture of the AWS environment and associated applications.

Implement a Strong Identity Foundation:

Working with Masterfully’s leadership and engineering teams, BUILDSTR identified and created IAM roles that correlated with job personas assigned to managing AWS accounts and the infrastructure contained within them. Since access to sensitive data must be restricted to only certain individuals, roles were put in place preventing unauthorized access to content, following the principal of least privilege access.

Enable Traceability

Observability is an important part of any mature security operation. Masterfully’s goal for traceability was to alert on any access to admin-level users along with many suspected malicious activities while also streamlining future audits.

To meet this requirement, BUILDSTR implemented and configured various AWS-native tools, including CloudWatch, CloudTrail, GuardDuty and Systems Manager. BUILDSTR implemented AWS Security Hub to centralize security findings into a consolidated view, making it easier to address threats, and to continue automating their remediation.

Apply Security at all Layers

BUILDSTR implemented additional protection for multiple layers of Masterfully’s cloud ecosystem, including intrusion detection capabilities and malware protection for EC2, EBS and S3 with AWS GuardDuty. Additional protection from unauthorized access is now provided by the Masterfully team leveraging AWS Systems Manager for any remote access to their cloud infrastructure.

Automate Security Best Practices:

Automation is an ongoing effort, and a solid baseline for continued process optimization is now in place. The biggest pain point in automation for Masterfully was in patching their environment. Using AWS Systems Manager, BUILDSTR automated the patching process through all tiers of the Advisor Plus environment and even tests the success of the patch before releasing the patched node into production.

Protect data in transit and at rest:

Masterfully’s usage of KMS and AWS services with native encryption solved this design principle for the team. BUILDSTR validated best practice usage of encryption tools and reported back that the service is built according to best practice.

Prepare for Security Events:

With better reporting and automation for addressing security posture in place, Masterfully was able to put together a more comprehensive incident response process. The big focus now is to continue automating response and to focus more effort on proactive security improvements.

Results

Masterfully's partnership with BUILDSTR resulted in several significant improvements across their AWS environment, directly impacting both their operational efficiency and security posture:

Enhanced Security and Compliance

With the new security framework implemented by BUILDSTR, Masterfully was able to meet and exceed their customer’s stringent security, governance, and compliance requirements. The incorporation of AWS Well-Architected design principles solidified their platform's security at every layer, reducing the risk of unauthorized access and ensuring that sensitive data is protected. This heightened security posture has provided confidence not only to Masterfully but also to their new and existing clients, demonstrating their commitment to protecting valuable data assets.

Improved Scalability and Performance

By restructuring their AWS environment to follow best practices, Masterfully is now positioned to handle the next phase of growth. Their platform, Advisor Plus, can now scale rapidly in response to increased demand without compromising performance. The automation efforts and optimized infrastructure ensure that as new customers come on board, the environment can seamlessly scale to accommodate new workloads and demands without requiring major manual interventions. 

Operational Efficiency through Automation

One of the most critical outcomes of this project was the automation of routine security and operational tasks. With the automated patching solution and role-based access control in place, Masterfully has significantly reduced the time and effort required for manual interventions, freeing up resources to focus on innovation and proactive security measures. The integration of AWS Systems Manager, CloudWatch, and other native services has streamlined the management of their infrastructure, leading to faster issue resolution and increased uptime.

Cost-Efficiency

BUILDSTR’s improvements didn’t just enhance security and compliance, they also led to greater cost efficiency. By automating processes and optimizing resource usage across EC2 instances, storage, and monitoring tools, Masterfully is now able to run a more cost-effective cloud environment. This reduction in overhead allows them to invest in other critical areas of their business, accelerating their growth trajectory while maintaining budget control.

Prepared for Future Security Challenges

The comprehensive incident response process, combined with centralized security monitoring and automated remediation, has prepared Masterfully to respond swiftly to any future security events. They now have the tools and processes in place to not only address immediate threats but to also implement proactive security measures. This focus on continual security improvement positions them to stay ahead of evolving security challenges, giving them a competitive edge.

Customer Satisfaction and Smooth Onboarding

Thanks to BUILDSTR’s efforts, Masterfully successfully onboarded their large new customer without any disruptions or security concerns. This smooth onboarding process has enhanced customer satisfaction and solidified Masterfully’s reputation as a reliable, secure, and scalable eLearning platform provider. They are now well-positioned to continue onboarding customers rapidly while maintaining the same high standards.

Looking Forward

Through its collaboration with BUILDSTR, Masterfully has established a strong foundation for its future. The optimized and secure AWS environment, coupled with scalable, cost-effective operations, enables them to confidently pursue growth opportunities, innovate further, and consistently meet the demands of an evolving customer base.