“We started using AWS Organizations to manage the accounts for our multi-account environment and simplify our billing. We have also greatly simplified our access management with the AWS SSO integration. AWS Organizations enables us to isolate workloads with similar risk profiles within their own account, to identify ownership of accounts via account tags, and enforce controls with Service Control Policies that cannot be overridden by the administrators of the member accounts. We now deliver new accounts quickly and securely freeing our developers to focus on business solutions.”
Jaime Villegas, Head of Corporative Services - Bancolombia
Over 80% of Behavox customers use our SaaS-based solutions to receive the best possible performance and the highest level of security, all while reducing total cost of ownership.
"Working with AWS Organizations allows us to consolidate our accounts – centralizing all billing, control access, compliance, and security. This makes it easier for us to continue providing cutting-edge solutions to complex challenges while minimizing infrastructure and storage costs for our customers."
Nabeel Ebrahim, Chief Revenue Officer - Behavox
"In the end we made the decision to go for AWS SSO since according to our ecosystem it is AWS who best positioned and responded to our different use cases in the present and for what we had in mind. The main benefit [of AWS SSO] was the security of our identities as well as centralizing the permissions according to the different roles for each of our collaborators. Finally, that AWS SSO has compatibility with SAML 2.0 to integrate the different applications that today are part of the B89 ecosystem continues to allow us to be the ones who control the management of access and identities and not fall back on third parties.”
Gerardo Castro Arica, Security Architect - B89
Dow Jones has been bringing information to the world's top businesses with relentless pursuit of accuracy, depth, and innovation since 1882.
“When starting our AWS journey, we used four base roles on a large estate of accounts which required significant ongoing work to create and manage lists of services that were, and were not allowed. To increase security and ease of service integration, we moved to a deny first posture. We utilized AWS Organizations and IAM Permission Boundaries to centrally manage eight job function-based roles with a simplified list of permissions required by our internal stakeholders."
Nico Halpern, Director, Cloud Services, Dow Jones
“Using AWS Organizations, we’re able to accelerate development by giving teams their own environments in separate accounts, allowing them to progress simultaneously without impacting other teams or pipelines. We’re able to group accounts by business units using organizational units, and we can support three common development stages for applications. As a result, we were able to accelerate projects onboarded to cloud by 5X, reduce number of IAM permission tickets by 10X, and experienced 3X fewer stability issues. This is all made possible using simple APIs from AWS Organizations.”
Gaurav Jain, Director, Cloud Platform, Factset
"Fresno State takes pride in being an engine of social mobility in the region and continues to be one of the most affordable universities in the nation. In 2019, we began our cloud journey with an identity strategy utilizing AWS Organizations, AWS SSO, AWS IAM, and AWS Managed Active Directory. AWS Managed AD allows us to leverage a trust relationship with our on-premise directory allowing our AWS resources to utilize either directory for authentication. AWS Managed AD’s integration with AWS SSO enables us to easily on-board new accounts and users, saving us days if not weeks of effort. With AWS SSO permission sets we can easily grant access across our multi-account environment from a central console."
John Wagenleitner, Cloud Architect - Fresno State
“GE uses AWS Identity Services to support their global enterprise and allow their businesses to operate securely in the cloud. AWS Organizations and Service Control Policies (SCP) provide top-down governance and allows for the delegation of identity based and resource-based policy administration to each business unit. This model allows the businesses to move independently and operate at scale to solve today’s industrial challenges.”
Matthew Green, Sr. Director, Cloud Architecture - GE
“Using AWS Organizations, GoDaddy is able to implement consistent security guardrails across accounts, while giving our application teams the flexibility to build at their own accelerated pace. For example, we utilize AWS Config at the organization level to monitor and collect infrastructure configuration details. We can view and maintain costs as teams develop new applications, and provision specific development environments by giving teams accounts for sandbox, test, and production stages. We’ve built custom applications that help developers confidently deploy resources to GoDaddy compliance standards, and can easily distribute them to accounts using the AWS Service Catalog integration.”
Ketan Patel, Sr. Director, Software Development - GoDaddy
Headspace uses Auth0 on AWS, which is an AWS Security Competency partner built and run on AWS to help authenticate and authorize apps and APIs with any identity provider.
“By leveraging the Auth0 technology, our engineering team was able to focus more on building user value while reducing our costs. Account scraping was now offloaded to our new partner, saving us weeks of time in incident fighting. We integrated social logins in sprints, not months, able to experiment with new social logins that we had not before. And we were able to shift a full-time resource to our new feature team.”
George Torres, Director of Engineering - Headspace
Invenia is a cloud-based machine learning platform that uses big, high frequency data to solve complex energy intelligence problems in real-time.
"As a cloud-based business ourselves, we rely extensively on AWS and a number of SaaS-based applications, but didn't like the security and compliance risks associated with managing end-user credentials to so many independent systems. Deploying AWS SSO allowed us to provide access to those same applications, but using our existing corporate credentials instead, and without any of the hassle of managing a traditional SSO solution - Brilliant!"
Sascha McDonald, Head of Architecture and Operations - Invenia
For 50 years JMT Technology Group has offered a full array of planning, design, and construction phase consulting services for infrastructure projects.
"While we considered other identity solutions, AWS Identity & Access Management (IAM) provides us with the flexibility to manage our 23 users and expose relevant services to improve our business processes. For example, we used AWS IAM to provide our Marketing team with access to Amazon Kendra which has reduced our RFP response time by almost 1 business day."
Jonathan Harrison, Chief Information Officer - JMT
Mueller Water Products, Inc.
Mueller Water Products Inc is the leading manufacturer and marketer of products and services used in the transmission, distribution and measurement of water in North America.
"While we started our AWS cloud journey with default tools like AWS Identity & Access Management (IAM) and AWS Organizations, over time we added AWS SSO to work with our third-party IdP and allow for a single set of identity records with more granular security. Now, if an employee leaves the company, we terminate in one place and it replicates the changes throughout simplifying the process and improving our IAM lifecycle management."
Justin Payne, Senior Security Architect - Mueller Water Products, Inc.
“AWS SSO is a powerful tool to get the maximum amount of use per staff member so that we can keep our team small.”
Alexander Dumitriu, Chief Information Officer - OkCupid
Rail Delivery Group
The Rail Delivery Group (RDG) brings together the companies that run Britain’s railway into a single team with one goal - to deliver a better railway.
"We use AWS Identity services to manage internal and external access to our AWS data platform. Originally, we used AWS Identity & Access Management (IAM) on each account separately, but we started using AWS SSO, integrated with our existing SAML solution, along with AWS Control Tower when that started to get out of hand. This created the ability to manage everything centrally with minimal overhead for a very cheap price while driving improvements in both our security and time efficiency. "
Toby Ayre, Head of Data & Analytics, Service Delivery - Rail Delivery Group
"I don’t think we got any negative feedback about AWS SSO. For a change that affects the daily workflow of about 1,500 people, that’s kind of unprecedented."
Guy Davies, Principal Cloud Architect - Sophos
“We made it easier for our finance department to track cloud costs using AWS Organizations, as it provided them with a single bill and allowed us to qualify for volume discounts and lower pricing from AWS savings plans. In addition, using AWS SSO with AWS Organizations allowed us to centralize authentication to our Identity provider (IdP), which has been a massive improvement on a daily basis for our employees so they don't have different sets of credentials for accessing multiple AWS accounts. Our infrastructure security team was also able to centralize access management, resulting in an increase in platform security and a decrease in operational costs.”
Rocco Zanni, CTO - Spreaker
With over 30 years of experience, Synamedia is a driving force of video innovation.
"When starting our AWS journey, we quickly realized that identity was fundamental to delivering a good experience for our internal teams. We leverage the flexibility of IAM roles and policies, to deliver a tightly controlled, secure platform for our thousand-plus engineers. With AWS Organizations, we automate provisioning with AWS Stacksets, manage guardrails with SCPs, and centralize services with delegated admin and trusted access across our entire AWS environment."
Ananta Manandhar, Sr. Manager, Cloud Services - Synamedia
Syncron is a provider of cloud-based after-sales service solutions focused on empowering the world’s leading manufacturers to maximize product uptime and deliver exceptional customer experiences.
"As a cloud-based business, we're very mindful of the productivity disruptions and security challenges that can arise when users are overloaded with unique credentials. With AWS SSO, we can quickly and easily connect users into AWS using their normal enterprise credentials – allowing us to focus on continuing to deliver exceptional services to our customers instead of managing the lifecycle of users’ credentials in our AWS multi-account structure."
Richard Barkestam, CTO - Syncron
Wellola was founded with the belief that the future of healthcare is preventative, community-based and supported by digital tools.
"In healthcare, data protection and governance is the most important thing of all, so we use AWS Identity & Access Management (IAM) and AWS Organizations to provide access to features to internal and third-party developers. It just makes life a lot safer."
Criostóir O'Codlatáin Lachtna, CTO & co-founder - Wellola
World Fuel Services
World Fuel Services uses Sonrai Security, which is an AWS Security Competency partner providing identity and data controls for AWS accounts and roles.
“Security is absolutely foundational for any large scale migration to the public cloud. Sonrai Dig on AWS is central to the World Fuel Services cloud security operating model. The elimination of identity and data risks, automation, and continuous monitoring has transformed our cloud security operations, and helped accelerate our cloud migration.”
Richard Delisser, Sr. Vice President - World Fuel Services