Canva Works with AWS Professional Services to Augment Security with Data Lake
The Canva mission is clear: empower everyone in the world to design anything and to publish anywhere. The company’s online design services are used by millions across the globe to create social media graphics, presentations, posters, documents, and other visual content.
The Canva customer base continues to grow quickly, and the increasing customer demand has led to significant expansion of the Amazon Web Services (AWS) infrastructure that Canva deployed when first launching the company. While the agile platform—which supports all Canva business operations—continues to perform at a high level and scales seamlessly, data security is just as important to the Canva mission. With cyberattacks becoming ever more sophisticated and privacy becoming a critical requirement for customers, Canva decided to augment its already strong security posture.
We have better security situational awareness thanks to AWS Professional Services. We know in real time what is currently going on and what has transpired.”
Cloud Platform Lead, Canva
Finding Needles in a Growing Haystack
Canva hoped to deploy a powerful analytics solution to search the millions of logs the AWS infrastructure generates every day to find the “needles in a growing haystack” that represent potential security threats. The solution was intended to support three primary security use cases: instant response for identifying current potential threats, digital forensics to analyze the details of historical threat activities, and threat hunting to proactively uncover abnormal activities.
Data Lake Approach Accelerates Deployment and Reduces Costs
To accelerate the deployment and reduce the cost of developing a solution to enhance Canva’s IT security posture, AWS Professional Services recommended a cloud-based data lake. The approach provides new threat detection and digital investigation capabilities developed by AWS. Within the data lake, Amazon Elasticsearch Service indexes big datasets and allows Canva to store vast amounts of historical data to facilitate the analysis of past cyberactivity. Other key components include AWS Glue to extract and transform the data, Amazon Kinesis Data Streams to analyze the data, and Amazon Simple Storage Service (Amazon S3) to maintain the big dataset files.
Supporting the data lake solution that drives security for Canva are analytic capabilities delivered by Kibana, a component of Elasticsearch, and a front-end visualization tool that provides deep insights into the security dynamics of the AWS infrastructure. Kibana helps Canva data analysts better understand what activities are abnormal and warrant close attention. If necessary, analysts can perform searches using Amazon Athena to identify specific indicators of potential attacks.
AWS Professional Services also created a threat detection solution using AWS Lambda and Amazon DynamoDB that monitors threats in the Canva environment and automatically sends security alerts to the Canva case management system. The Canva team then verifies whether it is a false positive or an actual alert that needs to be investigated.
A Customized Threat Detection Approach
Because the threat detection solution created by AWS for Canva is serverless, it does not add any strain on the AWS compute resources used by Canva. The solution also requires minimal IT administration and maintenance: log scanning and data backups take place automatically while running in the background of the AWS environment.
Over 50 Million Logs Analyzed Every Day
“We have better security situational awareness thanks to AWS Professional Services,” Abbas says. “We know in real time what is currently going on and what has transpired.”
With the information generated by the security data lake, Canva can also pinpoint what normal activity looks like. This helps the IT team identify anomalies in the environment that may lead to the detection of malicious activities.
Greater Visibility Leads to Better Control
Canva continuously looks for innovations to further build out the company’s comprehensive cyber-resilience program. Abbas concludes, “Millions of people rely on our design services daily, so it’s critical to provide a highly secure platform. Together with the AWS Professional Services team, we know we can meet this need while implementing new solutions cost-effectively and in a relatively short period of time.”
Launched in 2013, Canva’s online design tools have attracted 15 million users across 190 countries. Collectively, customers have created more than 1 billion designs—from social media graphics to presentations, posters, and other visual content.
Benefits of AWS
- Processes over 50 million logs daily
- Improves cyberthreat visibility
- Increases control over security posture
- Identifies current threats and analyzes details of historical ones
- Uncovers abnormal online activities
- Maintains strong customer trust
AWS Services Used
AWS Professional Services
The AWS Professional Services organization is a global team of experts that can help you realize your desired business outcomes when using the AWS Cloud.
Amazon Elasticsearch Service
Amazon Elasticsearch Service is a fully managed service that makes it easy for you to deploy, secure, and run Elasticsearch cost effectively at scale.
Amazon Kinesis Data Streams
Amazon Kinesis Data Streams (KDS) is a massively scalable and durable real-time data streaming service.
Amazon Athena is an interactive query service that makes it easy to analyze data in Amazon S3 using standard SQL.
Companies of all sizes across all industries are transforming their businesses every day using AWS. Contact our experts and start your own AWS Cloud journey today.