canva-logo@1x

Canva Works with AWS Professional Services to Augment Security with Data Lake

2020

The Canva mission is clear: empower everyone in the world to design anything and to publish anywhere. The company’s online design services are used by millions across the globe to create social media graphics, presentations, posters, documents, and other visual content.

The Canva customer base continues to grow quickly, and the increasing customer demand has led to significant expansion of the Amazon Web Services (AWS) infrastructure that Canva deployed when first launching the company. While the agile platform—which supports all Canva business operations—continues to perform at a high level and scales seamlessly, data security is just as important to the Canva mission. With cyberattacks becoming ever more sophisticated and privacy becoming a critical requirement for customers, Canva decided to augment its already strong security posture.

Technology concept. 3D render
kr_quotemark

We have better security situational awareness thanks to AWS Professional Services. We know in real time what is currently going on and what has transpired.”

Moe Abbas
Cloud Platform Lead, Canva

Finding Needles in a Growing Haystack

Canva hoped to deploy a powerful analytics solution to search the millions of logs the AWS infrastructure generates every day to find the “needles in a growing haystack” that represent potential security threats. The solution was intended to support three primary security use cases: instant response for identifying current potential threats, digital forensics to analyze the details of historical threat activities, and threat hunting to proactively uncover abnormal activities.

 
To take on the challenge, Canva engaged AWS Professional Services for assistance. The global team of experts helped Canva realize the required business outcomes when using the AWS Cloud and executing enterprise cloud computing initiatives. “We wanted to centralize the large variety and the huge number of logs we generate so we can identify anomalies and threats more effectively,” says Moe Abbas, the cloud platform lead at Canva. “Given the quantity of log data we produce, we needed a reliable way to seamlessly analyze hot data and then archive the data, and we knew the AWS Professional Services team would provide the expertise we need.”

Data Lake Approach Accelerates Deployment and Reduces Costs

To accelerate the deployment and reduce the cost of developing a solution to enhance Canva’s IT security posture, AWS Professional Services recommended a cloud-based data lake. The approach provides new threat detection and digital investigation capabilities developed by AWS. Within the data lake, Amazon Elasticsearch Service indexes big datasets and allows Canva to store vast amounts of historical data to facilitate the analysis of past cyberactivity. Other key components include AWS Glue to extract and transform the data, Amazon Kinesis Data Streams to analyze the data, and Amazon Simple Storage Service (Amazon S3) to maintain the big dataset files.

Supporting the data lake solution that drives security for Canva are analytic capabilities delivered by Kibana, a component of Elasticsearch, and a front-end visualization tool that provides deep insights into the security dynamics of the AWS infrastructure. Kibana helps Canva data analysts better understand what activities are abnormal and warrant close attention. If necessary, analysts can perform searches using Amazon Athena to identify specific indicators of potential attacks.

AWS Professional Services also created a threat detection solution using AWS Lambda and Amazon DynamoDB that monitors threats in the Canva environment and automatically sends security alerts to the Canva case management system. The Canva team then verifies whether it is a false positive or an actual alert that needs to be investigated.

A Customized Threat Detection Approach

For the development of the threat detection use cases, Canva focused on the detection of anomalies around assets that store, process, and transport sensitive information. These anomalies can be triggered by abnormal behavior of identities or services.

Because the threat detection solution created by AWS for Canva is serverless, it does not add any strain on the AWS compute resources used by Canva. The solution also requires minimal IT administration and maintenance: log scanning and data backups take place automatically while running in the background of the AWS environment.

Over 50 Million Logs Analyzed Every Day

Canva can now process and store more than 50 million log records every day and enrich them with IP location data that indicates the geographical areas of users as well as other threat indicator information. The solution allows Canva to quickly search and analyze log data through visualizations and dashboards, which speeds up detecting potential threats and compromises so the company can respond proactively before cyberattacks occur.

“We have better security situational awareness thanks to AWS Professional Services,” Abbas says. “We know in real time what is currently going on and what has transpired.”

With the information generated by the security data lake, Canva can also pinpoint what normal activity looks like. This helps the IT team identify anomalies in the environment that may lead to the detection of malicious activities.

Greater Visibility Leads to Better Control

Canva also has much better visibility into the log records. With that visibility comes better control over creating a more resilient security posture, which is critical because enhancing the security of the AWS platform is vital for Canva to maintain customer trust. Without trust, customers won’t use the Canva platform for their design needs. “We do whatever it takes to increase the resilience of our platform,” Abbas says. “The privacy of our customers is of the utmost importance—we take our mission to protect their privacy very seriously."

Canva continuously looks for innovations to further build out the company’s comprehensive cyber-resilience program. Abbas concludes, “Millions of people rely on our design services daily, so it’s critical to provide a highly secure platform. Together with the AWS Professional Services team, we know we can meet this need while implementing new solutions cost-effectively and in a relatively short period of time.”

About Canva

Launched in 2013, Canva’s online design tools have attracted 15 million users across 190 countries. Collectively, customers have created more than 1 billion designs—from social media graphics to presentations, posters, and other visual content.

Benefits of AWS

  • Processes over 50 million logs daily
  • Improves cyberthreat visibility
  • Increases control over security posture
  • Identifies current threats and analyzes details of historical ones
  • Uncovers abnormal online activities
  • Maintains strong customer trust


AWS Services Used

AWS Professional Services

The AWS Professional Services organization is a global team of experts that can help you realize your desired business outcomes when using the AWS Cloud.

Learn more »

Amazon Elasticsearch Service

Amazon Elasticsearch Service is a fully managed service that makes it easy for you to deploy, secure, and run Elasticsearch cost effectively at scale.

Learn more »

Amazon Kinesis Data Streams

Amazon Kinesis Data Streams (KDS) is a massively scalable and durable real-time data streaming service.

Learn more »

Amazon Athena

Amazon Athena is an interactive query service that makes it easy to analyze data in Amazon S3 using standard SQL.

Learn more »


Get Started

Companies of all sizes across all industries are transforming their businesses every day using AWS. Contact our experts and start your own AWS Cloud journey today.