Evolving Your Operations Through AWS

Use the AWS Well-Architected Framework to evolve your operations and ensure your company can take on new challenges.

Operational Excellence, the first pillar of the Well-Architected Framework, prioritises the ability to evolve your code and organisation so you can learn from failure.

Best Practice: Evolve
To evolve the effectiveness and efficiency of your business, the Well-Architected Framework suggests continually making small adjustments.

Instead of having a yearly review and making sweeping and possibly expensive changes, have a team who is constantly evaluating your workload, applications and organisation to ensure it’s operating at peak efficiency.

Continuous Improvement
Using post-incident analysis, determine what went wrong and outline steps to ensure the same mistakes don’t occur again. Make all teams aware of the problem, and search all areas of your organisation for similar problem areas.

Feedback loops can identify problem areas before they become incidents. Have your evaluation team monitor all feedback loops and alert relevant team leaders when the outcomes fall flat against the predicted baselines.

Knowledge Management
Create an information structure with current, updated information that all team members can access. Also, make it clear when the data needs to be updated or archived.

It’s vital that your organisation only uses current information. Outdated or inaccurate information can cause severe problems for your company and your customers.

Drivers for Improvement
What exactly do you want to improve, and is it possible? Before discussing desired improvements, confirm that your workload supports them.

There are three types of improvements: desired capabilities, unacceptable issues, and compliance requirements.

Desired capabilities can be anything you want to improve in your company. If they aren’t immediately possible, have your team slowly refine your operations and applications in the correct direction.

Address unacceptable issues as soon as possible. They can include security gaps and bugs that slow down your production.

Compliance requirements for AWS change occasionally. Work with a Well-Architected Framework Partner to check your operations are compliant and to identify any High-Risk Items.

Validate Insights and Share Information
Confirm your insights and decisions with outside experts. Fresh eyes can sometimes find problems your company missed.

Don’t forget to document and share all new information and insights with your whole company. Even if the information seems irrelevant to some teams, as your structure evolves, it may become relevant in the future.

Schedule an AWS Well-Architected Review
To evolve your operations through AWS, schedule a Well-Architected Review with WOLK. Keep your company up to date and successful by continuously improving and developing using the AWS Well-Architected Framework.

AWS and Operational Excellence: Organisational Best Practices

The AWS Well-Architected Framework exists to help businesses make their applications and workloads as efficient and secure as possible. It consists of five pillars: operational excellence, security, reliability, performance efficiency, and cost optimisation.

The First Pillar

Operational excellence is the first pillar of the AWS Well-Architected Framework. In addition to making sure your workload and applications run smoothly, operational excellence also focuses on making small and reversible changes and dealing with failure.

Operational excellence includes four best practice areas, which are organisation, preparation, operation and evolution. Compliance within all these areas helps your company to succeed and grow.

Organisation

The best practise area of organisation deals with employee structure. It looks at the organisation of your teams and employees in terms of your workload and applications. It’s essential to have a clear structure with clearly defined employee responsibilities and priorities.

Each team should know their position in the company and be aware of how their actions affect other groups and vice versa. You should clearly define the hierarchy of each team to the whole company.

The structure of the workload also needs to be clearly defined. Assign an employee to every application, workload, platform and infrastructure component.

There are a few other steps to follow to help you achieve operational excellence.

1. Evaluate Needs

The first step in the Organisation Best Practice is to identify and evaluate needs, both internal and external. Once identified, you can determine what to prioritise.

External customer needs could involve your stakeholders, important customers or government regulations that impact your business.

Your business, development, or operational teams might have internal needs that could affect your customers.

2. Evaluate Threats

Threats to your business can be anything from other competitors to liability or security risks. Once you’ve found all the dangers, keep track of them in a risk registry. Periodically review the risk registry to determine if it’s possible to mitigate these risks or if they’ve grown in importance.

3. Encourage Experimentation

To encourage growth, build in time for your employees to learn about new techniques and advances in your field. Successful experimentation often results in more efficient practices.

Using the AWS Well-Architected Framework

The AWS Well-Architected Tool helps businesses to implement the Framework. There are also companies that can perform a Well-Architected Review to help you achieve full compliance.

WOLK is an experienced, long-term partner of the AWS Well-Architected Tool who can identify and remediate any high-risk items so you can follow the Organisational Best Practices.

How AWS Helps with Designing Operational Excellence

The AWS Well-Architected Framework is a system that helps build secure and efficient infrastructure in your company’s applications and workloads. It uses five pillars, operational excellence, security, reliability, performance efficiency, and cost optimisation, to streamline your workloads in the cloud.

By completing an AWS Well-Architected Review using WOLK, a Well-Architected Partner, you can ensure your application and workloads are working at their highest potential.

Operational Excellence: The First Pillar

Operational excellence is the first of five pillars in the AWS Well-Architected Framework. In this pillar, the Framework focuses on supporting business objectives, effectively running workloads, learning more about specific operations, and the ability to continue to improve procedures.

Within the pillar are five design principles: Perform operations as code, make frequent, small, reversible changes, refine operations procedures frequently, anticipate failure, and learn from all operational errors. With the AWS Well-Architected Tool, you can discover which of these principles need to be improved.

1. Perform Operations as Code

Performing all operations as code lowers the likelihood of human error from the entire workload. It creates a more streamlined system that can be easily updated and allows a faster response time.

2. Make Frequent, Small, Reversible Changes

Instead of making sweeping changes to fix a problem, the AWS Well-Architected Framework suggests beginning with small, reversible changes. If there is a problem, a small change is easily correctable and costs less time and money to address.

3. Refine Operations Procedures Frequently

Every time your business evolves, so should your operations procedures. Schedule regular meetings to ensure your workload is operating as efficiently as possible.

4. Anticipate Failure

Before starting, plan alternative options. Even after a system is in place, it can fail for many reasons. If your business has backup plans and a response plan in place, you can minimise any negative effects of a failure.

5. Learn from all Operational Failures

Just like a company should anticipate failure, a company should learn from it. Analyse the failure, and create new procedures to protect against it in the future.

Working with a Well-Architected Partner

WOLK is a leading partner of the AWS Well-Architected Program and is fully certified to provide AWS Well-Architected Reviews. After the review, which will highlight high-risk items, WOLK will begin the remediation stage. Typically, most high-risk items can be remediated using your AWS service credit, so your company will not be out of pocket.

AWS Well-Architected Review: applying the Framework

AWS Well-Architected Reviews use the AWS Well-Architected Framework to provide a consistent approach to evaluate and remediate systems, based on best practices for designing and operating reliable, secure, efficient, and cost-effective systems for the cloud.

WOLK is a certified AWS Advanced Well-Architected Partner and is certified to provide AWS Well-Architected Reviews.

What to expect from a review:

– Free Initial Consult.
– No Commitment.
– Leading Partner of the AWS Well-Architected Program.

The process of the AWS Well-Architected Review is to take a specific workload and review it using an approach created to facilitate consistent, considered and excellent process and design. The review takes shape using a three step process:-

1) Learn – Gather information about your workload.
2) Measure – Review your workload with all the right people.
3) Improve – Create recommendations using a statement of works.

Stage 1: The Review

– You grant WOLK read-only access to your account and we complete the review with you.
– We create a document outlining the remediation work the workshop reveals.
– We present the High Risk Items (HRIs) to you along with the Scope of Work (SOW) for sign-off.
– Once signed-off, we allocate time to do the remediation, this typically takes up to two weeks.

Stage 2: The Remediation

– WOLK to complete the remediation work.
– We complete the second milestone of the WAR tool.
– We submit the result to AWS.
– AWS requires that WOLK complete the remediation to qualify for the service credit.

Stage 3: The Service Credit

– You complete AWS feedback review PLUS reply to email.
– AWS grants a service credit to you.
– We can usually complete the WAR and remediate the majority of high risk items within the service credit amount – making the exercise cost neutral to you.

Why use WOLK for your Well-Architected Review?

WOLK are a leader of the AWS Well-Architected Program and have a wealth of experience in reviewing and remediating High Risk Items within your workload. We have developed and maintain tools and unique internal processes that streamline our review and remediation process, reducing the cost and allowing for a cost neutral outcome.

As part of the Well-Architected Process, we highlight the requirement for ongoing measuring and monitoring of your compliance and workloads. WOLK offer a solution in the form of ongoing managed services that are specifically designed around the Well Architected Framework and could include:

– No out-of-pocket expenses for review and remediation.
– AWS spend invoiced monthly.
– Additional account controls or guardrails.
– Simplified and enhanced security features (Single Sign On / SSO).
– Ongoing access to updated tools, processes and monitoring.

How moving to AWS improves security for your entire organisation.

There are many good reasons why so many large organisations have moved their operations to the Amazon Web Service (AWS) cloud platform. We touched on a few of them in this blog last week. But possibly the most important benefit AWS offers organisations is a first-rate security framework, security being one of the 5 pillars we’ve touched on before.

The security pillar of AWS is designed to “protect information, systems, and assets while delivering business value through risk assessments and mitigation strategies”.

7 DESIGN PRINCIPLES

The security pillar is based on the following seven design principles:

1) Implement a strong identity foundation: Implement the principle of least privilege and enforce separation of duties with appropriate authorization for each interaction with your AWS resources. Centralize identity management, and aim to eliminate reliance on long-term static credentials.

2) Enable traceability: Monitor, alert, and audit actions and changes to your environment in real time. Integrate log and metric collection with systems to automatically investigate and take action.

3) Apply security at all layers: Apply a defense in depth approach with multiple security controls. Apply to all layers (for example, edge of network, VPC, load balancing, every instance and compute service, operating system, application, and code).

4) Automate security best practices: Automated software-based security mechanisms improve your ability to securely scale more rapidly and cost-effectively. Create secure architectures, including the implementation of controls that are defined and managed as code in version-controlled templates.

5) Protect data in transit and at rest: Classify your data into sensitivity levels and use mechanisms, such as encryption, tokenization, and access control where appropriate.

6) Keep people away from data: Use mechanisms and tools to reduce or eliminate the need for direct access or manual processing of data. This reduces the risk of mishandling or modification and human error when handling sensitive data.

7) Prepare for security events: Prepare for an incident by having incident management and investigation policy and processes that align to your organizational requirements. Run incident response simulations and use tools with automation to increase your speed for detection, investigation, and recovery.

5 FOCUS AREAS

The design principles lay the foundation for the five focus areas of the security pillar:

1) Identity and access management
2) Detective controls
3) Infrastructure protection
4) Data protection
5) Incident response

There is plenty of overlap through these focus areas so it is important to consider how each area can build on or influence others. They should be viewed together as integrated components of your security program rather than individual siloed processes.

Why should all this matter to your organisation?

AWS offers a level of investment and expertise in cloud security that most organisations could not hope to achieve on their own. A few benefits include:

1) The most advanced digital security available.

2) AWS is scalable in every respect, so if there’s a change to your security needs, you can be sure you won’t “outgrow” AWS and need to look for another provider.

3) AWS customers number the tens of thousands, including leading financial organisations and government agencies, so you can be sure that your data is the safest it can be.

Cloud security is top-of-mind for organisations moving their workloads to the cloud or managing an existing application in the cloud. Reviewing an existing or planned application against the principles of the Security Pillar can help you determine what action your organisation needs to take to improve deficiencies and be as secure as possible.