case study

FS Investments: Implementing a Robust AWS Security and Network Protection Solution

Financial Services

Business Impacts

50% reduction in the account creation time

Achieved compartmentalized migration of development environments

13 production accounts with live workloads and zero downtime for development environments migration

Preventive measures to mitigate threat actors in future

Customer Key Facts

  • Country : United States
  • Industry : Financial Services

Problem Context

FS Investments is a leading asset management company that transforms their customer’s investment portfolios by bringing access to alternative sources of income and growth. They have been on AWS for several years, however, to streamline the process of account creation as well as optimize their networking architecture to support a multi-environment multi-account approach, they felt the need to move to a futureproof solution. There was an opportunity to leverage industry best practices for guardrails and cloud administration. Additionally, setting up networking and security resources for new accounts resulted in manual overheads. Thus, the client sought assistance with the migration of AWS Control Tower within its AWS environment along with advisory guidance on adherence to best practices in managing an optimized AWS environment.

Challenges

  • Increased risk of compliance and security breach due to recent issues with environmental security
  • Manual overheads due to setting up networking and security resources for new customers
  • Security risk in data accessibility as all workloads connected to main network architecture

Technologies Used

AWS Organizations

AWS Organizations

AWS Control Tower

AWS Control Tower

Amazon GuardDuty

Amazon GuardDuty

AWS CloudFormation

AWS CloudFormation

Amazon CloudWatch

Amazon CloudWatch

AWS CloudTrail

AWS CloudTrail

AWS Config

AWS Config

AWS Security Hub

AWS Security Hub

Amazon Virtual Private Cloud

Amazon Virtual Private Cloud

AWS IAM Identity Center

AWS IAM Identity Center

AWS Directory Service

AWS Directory Service

AWS Transit Gateway

AWS Transit Gateway

Amazon Route 53

Amazon Route 53

AWS Lambda

AWS Lambda

Amazon SNS

Amazon SNS

Platform modernization to enable infrastructure security and environment re-distribution based on workloads

Solution

Quantiphi setup a Control Tower enabled AWS Organization and deployed guardrails using service control policies and rules to prevent drift from compliance best practices. Our experts migrated the legacy accounts to the new modernized infrastructure and ensured zero downtime for production-level workloads.

Additionally, Quantiphi deployed the network architecture with segregated workload with connections to the existing on-premise firewall

Results

  • Migrated 13 accounts to a new optimized environment
  • Enabled security best practices by leveraging service control policies and AWS Configuration
  • Streamlined creation and deletion of accounts/environments with reduced manual overhead
  • Enabled cloud migration, AWS control tower, well-architected, service control policies, guardrails, secure environment accelerator, account factory, sandbox

Thank you for reaching out to us!

Our experts will be in touch with you shortly.

In the meantime, explore our insightful blogs and case studies.

Something went wrong!

Please try it again.

Share