Challenge

Masterfully is on a mission to provide an unmatched variety of study tools to fit all learning needs. With decades of eLearning experience, they develop solutions for maintaining quality training while continually adapting to new skillsets.

Their revolutionary platform, *Advisor Plus*, was developed by course authoring professionals to make creating engaging, quality content simple. *Advisor Plus* allows companies to seamlessly create testing, training, and onboarding programs specific to their unique tech stack.

Facing a period of significant growth and expansion, Masterfully needed to evaluate its AWS infrastructure; security, governance and compliance posture; and platform scalability ahead of onboarding a large new customer. However, Masterfully faced several governance challenges:

1. Lack of standardized policies and procedures for managing cloud resources

2. Inconsistent tagging and resource organization, leading to difficulties in cost allocation and resource management

3. Inadequate access controls and permissions management across their AWS environment

4. Limited visibility into their overall security posture and compliance status

5. Difficulty in maintaining consistent governance practices as they scaled their operations

Masterfully enlisted the help of BUILDSTR for both the design and execution of changes to help its environment meet stringent security, governance, and compliance requirements as well as scale orders of magnitude.

Solution

Leveraging the AWS Well-Architected security design principals, BUILDSTR put in place a robust and well-documented framework for improving the security, compliance, and governance posture of the AWS environment and associated applications. The solution focused on implementing key governance best practices and utilizing AWS services to address Masterfully's specific challenges:

Implement a Strong Identity Foundation and Access Management:

• BUILDSTR implemented AWS Identity and Access Management (IAM) to create a centralized identity management system.

• Working with Masterfully's leadership and engineering teams, BUILDSTR identified and created IAM roles that correlated with job personas assigned to managing AWS accounts and the infrastructure contained within them.

• Enforced the principle of least privilege access by implementing fine-grained permissions and regularly reviewing and updating access policies.

Establish Centralized Governance with AWS Organizations:

• Implemented AWS Organizations to centrally manage and govern multiple AWS accounts.

• Utilized Service Control Policies (SCPs) to enforce governance rules and compliance requirements across all accounts.

Implement Consistent Resource Tagging and Management:

• Developed a comprehensive tagging strategy aligned with Masterfully's organizational structure, cost allocation, and cost governance needs.

• Implemented AWS Tag Policies to enforce consistent tagging across all resources.

Enable Traceability and Compliance Monitoring:

• Implemented AWS CloudTrail for comprehensive auditing of all API calls across the AWS environment.

• Configured AWS Config to assess, audit, and evaluate the configurations of AWS resources.

• Set up AWS Security Hub to provide a comprehensive view of security alerts and compliance status across accounts.

• Implemented and configured various AWS-native tools, including CloudWatch, GuardDuty, and Systems Manager, to enhance observability, preventative and detective governance, and security monitoring.

Automate Governance and Security Best Practices:

• Utilized AWS Control Tower to set up and govern a secure, multi-account AWS environment based on best practices.

• Implemented automated compliance checks using AWS Config Rules and custom Lambda functions.

• Automated the patching process using AWS Systems Manager across all tiers of the Advisor Plus environment, including testing patch success before production release.

Enhance Data Protection and Encryption:

• Implemented AWS Key Management Service (KMS) for centralized key management.

• Enforced encryption for data at rest and in transit across all AWS services used by Masterfully.

• Implemented additional protection for multiple layers of Masterfully's cloud ecosystem, including intrusion detection capabilities and malware protection for EC2, EBS, and S3 with AWS GuardDuty.

Establish Governance Processes and Documentation:

• Developed comprehensive governance documentation, including policies, procedures, and guidelines for cloud resource management.

• Implemented governance reviews and audits to ensure ongoing compliance and optimization.

Results

Masterfully's partnership with BUILDSTR resulted in several significant improvements across their AWS environment, directly impacting both their operational efficiency and governance posture:

Enhanced Governance and Compliance

With the new governance framework implemented by BUILDSTR, leveraging multiple AWS-native services, Masterfully was able to meet and exceed their customer's stringent security, governance, and compliance requirements. Managing their multi-account environment, ensuring consistent policy enforcement, and maintaining continuous compliance monitoring is now engrained in their processes.

Improved Resource Management and Cost Allocation

The implementation of a comprehensive tagging strategy and the use of AWS Resource Groups significantly improved Masterfully's ability to manage and allocate costs across different projects and departments. This enhanced visibility into resource usage and costs enabled more informed decision-making and cost optimization efforts.

Streamlined Access Management

The implementation of AWS IAM and SSO, along with well-defined roles and permissions, greatly simplified access management across Masterfully's AWS environment. This not only improved security but also increased operational efficiency by reducing the time and effort required to manage user access.

Enhanced Security Posture

The integration of various AWS security services, including GuardDuty, Security Hub, and CloudTrail, provided Masterfully with a comprehensive and centralized view of their security posture. This enabled faster threat detection and response, reducing the overall risk to their environment.

Automated Compliance and Governance

By leveraging AWS Config Rules and custom automation, Masterfully was able to continuously monitor and enforce compliance with internal policies and external regulations. This automation significantly reduced the manual effort required for compliance management and minimized the risk of human error.

Scalable and Consistent Governance

The establishment of comprehensive governance documentation ensured that Masterfully could maintain consistent governance practices as they continued to scale their operations. This set a strong foundation for future growth and expansion.

Operational Efficiency through Automation

The automation of routine governance and security tasks, such as patching, cost optimization, and compliance checks, freed up significant time for Masterfully's IT team. This allowed them to focus more on innovation and strategic initiatives, rather than day-to-day management tasks.

Improved Stakeholder Confidence

The enhanced governance and security measures implemented by BUILDSTR significantly boosted confidence among Masterfully's stakeholders, including customers, partners, and regulatory bodies. This improved trust has positioned Masterfully favorably in the competitive eLearning market.

Looking Forward

Through its collaboration with BUILDSTR, Masterfully has established a strong governance and security foundation for its future. The optimized and well-governed AWS environment, coupled with scalable, cost-effective operations, enables them to confidently pursue growth opportunities, innovate further, and consistently meet the demands of an evolving customer base while maintaining the highest standards of security and compliance.

As Masterfully continues to grow, they are well-positioned to leverage this robust governance framework to maintain control, ensure compliance, and drive continuous improvement in their cloud operations. The governance best practices and AWS services implemented by BUILDSTR have not only solved Masterfully's immediate challenges but have also set them up for long-term success in the cloud.