AWS Well-Architected Review: applying the Framework

AWS Well-Architected Reviews use the AWS Well-Architected Framework to provide a consistent approach to evaluate and remediate systems, based on best practices for designing and operating reliable, secure, efficient, and cost-effective systems for the cloud.

WOLK is a certified AWS Advanced Well-Architected Partner and is certified to provide AWS Well-Architected Reviews.

What to expect from a review:

– Free Initial Consult.
– No Commitment.
– Leading Partner of the AWS Well-Architected Program.

The process of the AWS Well-Architected Review is to take a specific workload and review it using an approach created to facilitate consistent, considered and excellent process and design. The review takes shape using a three step process:-

1) Learn – Gather information about your workload.
2) Measure – Review your workload with all the right people.
3) Improve – Create recommendations using a statement of works.

Stage 1: The Review

– You grant WOLK read-only access to your account and we complete the review with you.
– We create a document outlining the remediation work the workshop reveals.
– We present the High Risk Items (HRIs) to you along with the Scope of Work (SOW) for sign-off.
– Once signed-off, we allocate time to do the remediation, this typically takes up to two weeks.

Stage 2: The Remediation

– WOLK to complete the remediation work.
– We complete the second milestone of the WAR tool.
– We submit the result to AWS.
– AWS requires that WOLK complete the remediation to qualify for the service credit.

Stage 3: The Service Credit

– You complete AWS feedback review PLUS reply to email.
– AWS grants a service credit to you.
– We can usually complete the WAR and remediate the majority of high risk items within the service credit amount – making the exercise cost neutral to you.

Why use WOLK for your Well-Architected Review?

WOLK are a leader of the AWS Well-Architected Program and have a wealth of experience in reviewing and remediating High Risk Items within your workload. We have developed and maintain tools and unique internal processes that streamline our review and remediation process, reducing the cost and allowing for a cost neutral outcome.

As part of the Well-Architected Process, we highlight the requirement for ongoing measuring and monitoring of your compliance and workloads. WOLK offer a solution in the form of ongoing managed services that are specifically designed around the Well Architected Framework and could include:

– No out-of-pocket expenses for review and remediation.
– AWS spend invoiced monthly.
– Additional account controls or guardrails.
– Simplified and enhanced security features (Single Sign On / SSO).
– Ongoing access to updated tools, processes and monitoring.

The Top 4 Ways to Use AWS to Improve Performance Efficiency

Amazon Web Services (AWS) employs a five pillar framework to guide and assist businesses in adopting continuous best practices through cloud services. You can use these conceptual pillars to improve the performance efficiency of a business.

The Performance Efficiency pillar is most crucial in developing performance. It involves using computing resources to improve the efficiency of a business’ systems and subsequently to sustain efficiency as the market changes and technologies advance.

At WOLK, we are AWS experts. With many years of experience designing complex network architecture, our team can help you leverage AWS to improve the performance efficiency of your business.

1. Allows Your Team to Focus on Core Competencies

Through the design principles of Performance Efficiency, businesses can use technology as a service rather than assigning members of their IT team to the task of learning, hosting, and running new technological services. Technologies such as NoSQL, a database that stores and retrieves data, can fulfil complex tasks quickly and efficiently, allowing members of your team to focus on the core competencies of your business. NoSQLs are used more in big data and real-time applications as they are faster and more flexible than other types of databases.

2. Lower Costs Through Serverless Architectures

Another product of the design principles of Performance Efficiency is the use of serverless architecture. This eliminates the need to operate using physical servers, which can be a tedious and costly operation. By managing services via the cloud, businesses can lower their costs, improving performance efficiency.

3. Optimise Architecture Through Service Selection

There are many types of AWS resources, from standard databases to artificial intelligence (AI) and data lakes. Through these systems, you can create and optimise an architecture to best suit your workload. Organisations can use data analysis software to find the most useful programs for their specific business or industry. AWS Partner Network (APN) suggests architecture selections based on industry knowledge. For example, it may recommend that you use Amazon Elastic Block Store for low-latency block cloud storage.

4. Improve Efficiency Through Innovation

Reviewing and monitoring are two of the best practices of Performance Efficiency. AWS is constantly innovating to meet customer demands. Through new innovative AWS services, regions, edge locations and other features, you can improve performance efficiency. Once you have implemented a new workload, you must monitor it and analyse its performance. AWS services like Amazon CloudWatch can monitor a workload and provide you with information and actionable insights, helping you determine opportunities to improve efficiency.

Get an AWS Well-Architected Review

WOLK is a partner of the AWS Well-Architected Program. With certifications to carry out framework reviews, we can help your business to improve performance efficiency. Contact us today to schedule a review.

How moving to AWS improves security for your entire organisation.

There are many good reasons why so many large organisations have moved their operations to the Amazon Web Service (AWS) cloud platform. We touched on a few of them in a previous blog. But possibly the most important benefit AWS offers organisations is a first-rate security framework, security being one of the 5 pillars we’ve touched on before.

The security pillar of AWS is designed to “protect information, systems, and assets while delivering business value through risk assessments and mitigation strategies”.

7 DESIGN PRINCIPLES

The security pillar is based on the following seven design principles:

1) Implement a strong identity foundation: Implement the principle of least privilege and enforce separation of duties with appropriate authorization for each interaction with your AWS resources. Centralize identity management, and aim to eliminate reliance on long-term static credentials.

2) Enable traceability: Monitor, alert, and audit actions and changes to your environment in real time. Integrate log and metric collection with systems to automatically investigate and take action.

3) Apply security at all layers: Apply a defense in depth approach with multiple security controls. Apply to all layers (for example, edge of network, VPC, load balancing, every instance and compute service, operating system, application, and code).

4) Automate security best practices: Automated software-based security mechanisms improve your ability to securely scale more rapidly and cost-effectively. Create secure architectures, including the implementation of controls that are defined and managed as code in version-controlled templates.

5) Protect data in transit and at rest: Classify your data into sensitivity levels and use mechanisms, such as encryption, tokenization, and access control where appropriate.

6) Keep people away from data: Use mechanisms and tools to reduce or eliminate the need for direct access or manual processing of data. This reduces the risk of mishandling or modification and human error when handling sensitive data.

7) Prepare for security events: Prepare for an incident by having incident management and investigation policy and processes that align to your organizational requirements. Run incident response simulations and use tools with automation to increase your speed for detection, investigation, and recovery.

5 FOCUS AREAS

The design principles lay the foundation for the five focus areas of the security pillar:

1) Identity and access management
2) Detective controls
3) Infrastructure protection
4) Data protection
5) Incident response

There is plenty of overlap through these focus areas so it is important to consider how each area can build on or influence others. They should be viewed together as integrated components of your security program rather than individual siloed processes.

Why should all this matter to your organisation?

AWS offers a level of investment and expertise in cloud security that most organisations could not hope to achieve on their own. A few benefits include:

1) The most advanced digital security available.

2) AWS is scalable in every respect, so if there’s a change to your security needs, you can be sure you won’t “outgrow” AWS and need to look for another provider.

3) AWS customers number the tens of thousands, including leading financial organisations and government agencies, so you can be sure that your data is the safest it can be.

Cloud security is top-of-mind for organisations moving their workloads to the cloud or managing an existing application in the cloud. Reviewing an existing or planned application against the principles of the Security Pillar can help you determine what action your organisation needs to take to improve deficiencies and be as secure as possible.