Baker Tilly Digital
Baker Tilly Digital focuses on combining digital strategies, innovative thinking, and technology to help you unlock the true potential of your organization. Baker Tilly US, LLP (Baker Tilly) is a leading advisory, tax and assurance firm that is an independent member of Baker Tilly International, a worldwide network of independent accounting and business advisory firms in 145 territories, with 34,700 professionals. The company wanted to efficiently manage cloud compliance.
“With AWS, we’ve completely changed how we work and can now scale without adding headcount by automating compliance processes. Compliance can be complex to manage, but AWS Config helps even those of us with no deep knowledge in compliance to implement compliance with out-of-the-box templates. The dashboard provides users with information like non-compliant resources that can be used to improve security posture, and acts as a starting point for discussion with the rest of the organization of what we need to look at and remediate. As the digital group providing technical leadership through cloud technologies for both internal and external teams, it’s important to have centralized visibility and control over our entire organization’s security posture. The pre-packaged Config conformance pack templates have simplified this process and is a key factor in accelerating our overall migration to the cloud.”
Andrew Clark, Senior Solutions Architect - Baker Tilly Digital
Netflix is one of the world's largest online media streaming providers, delivering videos to millions of customers globally. With hundreds of AWS accounts and resources distributed across multiple regions, Netflix needed a way to assess and evaluate the configurations of their AWS infrastructure. The company adopted AWS Config so that they can increase their visibility into their AWS resources to ensure that their inventory is timely and up to date.
“We need an infrastructure-wide inventory of our AWS resources to answer questions like ‘which resources do we have deployed?’, ‘where are they deployed?’, ‘how are they configured?’, ‘which changes were made?’, ‘when did the change occur?’, and ‘who made the change?’. Before AWS Config, we needed to manually develop tooling to collect the proper inventory of our AWS resources with change history. Now, using Config, we can meet our security requirements and eliminate the need to maintain our own tooling for that purpose. AWS is also committed to onboarding new and existing resource types to enable full resource visibility. As a result, we are certain that our asset inventory can scale to our existing and future infrastructure.”
Mike Grima, Cloud Infrastructure Security - Netflix
Every year, Genesys delivers more than 70 billion customer experiences for organizations in over 100 countries. Through the power of the cloud and AI, their technology connects customer moments across marketing, sales and service on any channel, while also improving employee experiences. Genesys implemented AWS Config to optimize their resource usage, which helped them reduce costs.
“AWS Config has greatly simplified our multi-account and multi-region strategy. At Genesys, we extend complete flexibility to our developers to experiment in their respective AWS accounts. While this approach fosters innovation, it also creates unique challenges in terms of unwanted resources lingering in those accounts, thereby increasing cost. Deploying the AWS Config configuration recorder across all deployed AWS Regions and accounts enables us to detect and clean-up unused resources, resulting in significant cost reductions. It also enables us to better optimize our usage of AWS and avoid running up against AWS resource limits. Combined with AWS Config’s centralized reporting through aggregators, we get a holistic view of all of our environments in a single place.”
Bradley Segobiano, Lead Software Engineer in DevOps - Genesys
Intercom is a software company that builds a suite of messaging-first products that all modern internet businesses can use to accelerate growth across the customer lifecycle, including acquisition, engagement, and support. The company implemented AWS Management and Governance services to replace various manual or bespoke processes, allowing them to gain visibility and control of their AWS infrastructure.
“Our use of AWS Systems Manager has saved hundreds of engineer hours per year by fully automating patch management and automatically fixing broken hosts. We use Amazon CloudWatch for day-to-day autoscaling, as well as resource utilization management and tracking. With AWS CloudTrail, we can audit logs for changes, allowing us to meet compliance requirements. Using AWS Config, we can easily visualize and navigate timelines of configuration changes in our environment. Overall, the Management and Governance services have allowed us to establish secure management at scale while saving costs.”
Brian Scanlan, Principal Systems Engineer - Intercom
CSS Corp is a global professional services company providing IT and technology support services driven by automation and analytics for enterprises. CSS Corp uses AWS Management Tools to meet their compliance requirements and facilitate their disaster recovery processes. With AWS Config, CSS is able to quickly detect changes in their AWS infrastructure and cross-reference these changes against AWS CloudTrail logs for security and risk auditing. The inventory of AWS resources recorded by Config allows them to identify important infrastructure components and maintain critical service maps. CSS also leverages AWS CloudFormation to rapidly provision resources in multiple AWS regions for their disaster recovery processes.
“Prior to using AWS Management Tools, our compliance and disaster recovery processes required significant human effort. With AWS Config, AWS CloudTrail, and AWS CloudFormation, we were able to automate many of our processes and easily achieve our recovery and compliance audit requirements.”
Troy Lewis, IT Manager - CSS Corp
GE Appliances, acquired by Haier in 2016, has been a leader in designing, building, and servicing appliances for 125 years. GE Appliances has been steadily building out their use of AWS Management Tools since the company adopted a ‘cloud first’ policy in 2016 for any new deployments. AWS CloudTrail helped GE Appliances gain visibility into API and non-API actions across AWS accounts, simplifying compliance and risk auditing and enabling automated monitoring and alerting. AWS Config added the ability to centrally define resource configurations and other company-defined best practices, with alerts generated when these are violated. GE Appliances also uses AWS Systems Manager to manage about 700 on-premises and Amazon EC2 instances. AWS Management Tools have given GE Appliances total visibility into their hybrid-cloud environment, and they allow GE Appliances to heighten their security by automatically enforcing rules and guardrails.
“Before we had access to AWS tools, we had to do lots of configuration and process logging and then absorb everything into a centralized platform to understand security events after the fact. By using AWS Systems Manager and the other AWS tools, we’ve gone from zero to 100 percent real-time visibility, a night-and-day contrast with our prior security posture.”
Rafael Garrido, DevSecOps Leader - GE Appliances