Thinknum Gains Valuable Benefits Through the AWS Foundational Technical Review
By Omar Faruk, Partner Solutions Architect – AWS
By Phil Varghese, Partner Solutions Architect – AWS
By Boris Spiwak, Chief Operating Officer – Thinknum
Thinknum Alternative Data is a leading web data platform that indexes the public web to create structured datasets used by customers to track job listings, employee sentiments, store locations, and more.
Thinknum’s customers leverage this data via an a API or user interface (UI) built on a foundation powered by Amazon Web Services (AWS) to act upon business opportunities in real time.
In addition to unlocking these programmatic benefits, Thinknum leveraged the FTR to identify key opportunities for improvement in its AWS account configuration and receive guidance on how to implement improvements to its security, reliability, and operational posture.
In this post, we will explore Thinknum’s experience completing an FTR, and how it helped bring awareness of best practices to mitigate risks, improve its solution, and gain access to valuable AWS Partner benefits.
Improving Business Outcomes with the FTR
The FTR defines a set of foundational best practices based on the AWS Well-Architected Framework. It features security controls to help prevent unauthorized access or leaks, minimize attack vectors, ensure traceability and logging, and more.
The review addresses sensitive data management and regulatory compliance, as well as business continuity and disaster recovery planning to help maintain customer trust and avoid downtime and revenue loss. The FTR can help AWS Partners demonstrate the efficacy of their solution by ensuring basic security controls are applied and processes to support security incidents are in place.
As part of the process, partners are provided an FTR checklist that lists out solution requirements. Partners then conduct a self-assessment and submit a report detailing their solution status compared to the requirements. After you begin your FTR, you will periodically review your solution architecture and operations to identify any gaps or areas for improvement.
Upon successful completion of the FTR (marked by an “Approved” state in AWS Partner Central), a partner is considered to be a “Validated” member of the APN. At the “Validated” stage, partners have access to additional APN programs like AWS ISV Accelerate, the AWS Competency, and APN Customer Engagements (ACE).
The “Validated” stage also qualifies AWS Partners for multiple APN benefits, including a “Reviewed by AWS” badge, listings in Partner Solution Finder (PSF) and Partner Discovery Portal (PDP), proof of concept funding, and more.
Enhancing Security Enforcement and Improving Reliability
The FTR process helped Thinknum gain valuable insights to help improve its identity management and security posture.
Before conducting the FTR, Thinknum had its identities locally residing in AWS Identity and Access Management (IAM) for each of its AWS accounts. This meant identities were scattered and centralized management was not feasible. The configuration had other growth limitations due to service quota limits for IAM.
By linking Okta with its AWS account, Thinknum now allows federated login and single sign-on, eliminating long-living access keys and instead providing temporary access and permissions to resources. The solution also decouples service-related quotas and makes it easier to centrally manage identities.
In addition, Thinknum had previously stored logs separately in each of its AWS accounts, which posed a security risk and made it difficult for the team to investigate infrastructure issues and identify misbehavior. This also meant the operational team was not able to analyze and display logs in a single dashboard.
By centralizing log storage to an administrative account, Thinknum’s operational team is able to more securely and efficiently collect, analyze, and display Amazon CloudWatch Logs in a single dashboard.
Thinknum also lacked an automatic backup strategy and related recovery point and time objectives for data stored on AWS. This identified gaps in its ability to recover from incidents like system failures and data loss.
Based on recommendations from the FTR checklist, Thinknum adopted a new strategic data backup and recovery plan using a solution from AWS Partner N2WS, which allowed it to establish a recovery point and time objective of within one hour for business-critical systems and 12 hours for other systems.
Guidance from an AWS Partner Solutions Architect, provided as part of the FTR, allowed Thinknum to not only simplify its management processes and better secure its resources, but also to integrate their offering with clients through cross-account AWS IAM roles. This allowed Thinknum to reduce the amount of sensitive information stored for their customers and provide more secure access to AWS resources.
As a result of updates made through the FTR, Thinknum is able to mitigate risks and increase customer successes and trust by avoiding downtime and related revenue loss.
“AWS has been Thinknum’s trusted partner since our earliest days as a startup,” says Gregory Ugwi, Chief Executive Officer at Thinknum. “The FTR process helped us strengthen our security posture in concrete ways that our clients appreciate, and I sincerely recommend it to other tech companies.”
Simplifying Compliance Management
The FTR helped Thinknum achieve its compliance goals by recommending the latest security and operational processes. The requirements of the FTR mirror those found in many security policies, such as ISO27001, which Thinknum was able to implement with ease due to the foundation laid via FTR.
Nine of America’s top 10 investment banks, as well as many hedge funds, growth and private equity firms, pension funds, and other asset management firms around the world rely on Thinknum data as part of their bond and equity research strategies.
Many of these financial institutions require strict adherence to regulatory and security practices, and often perform audits on their vendors to enforce them. Process changes made as a result of the FTR have put Thinknum in a position where it can confidently pass these audits.
One other important result of the FTR process for Thinknum is a change in company culture that prioritizes proper technical processes. Thinknum now conducts yearly architecture reviews to help build more secure, high-performing, resilient, and efficient infrastructures for applications and workloads.
In this post, we explained how AWS Partner Thinknum improved its identity management, security posture and operational posture by addressing foundational best practices via FTR.
By undergoing a Foundational Technical Review (FTR), AWS Partners can gain valuable technical and business benefits by addressing important requirements and managing ongoing compliance. Some partners also realize secondary benefits like development of a security-first culture, streamlined business continuity planning processes, and human resources offboarding.
Once you have registered as an AWS Partner via Partner Central, you can request an FTR by joining the Software Path and following the steps in the FTR guide (login required).
For more information about the FTR process or other partner benefits, reach out to your Partner Development team contact. If you do not have a Partner Development team representative, contact the AWS Partner Team.
Thinknum – AWS Partner Spotlight
Thinknum is an AWS Partner with a leading web data platform that indexes the public web to create structured datasets used by customers to track job listings, employee sentiments, store locations, and more.