Apex Networks achieves a secure and well-governed AWS environment leveraging DoiT’s DevOps expertise
Meet Apex Networks
Leveraging DoiT to mature the DevOps practice and improve governance, observability, and security controls for AWS infrastructure
Apex Networks is a technology company offering advanced networking solutions to transportation and logistics clients since 1999. The company offers a range of services such as network design and implementation, managed services, and support to service providers in areas such as vehicle recovery, patient transport, and windscreen replacement. By leveraging a team of highly skilled engineers and technicians to continuously develop its software, Apex Networks has become a market leader that can deliver high-quality, customized solutions to meet the needs of small businesses and large enterprises that want to optimize their networking infrastructure in a digital world.
The Challenge
Apex Networks faced significant challenges in governance, observability, and security for workloads running on AWS. These challenges were compounded by a single-account architecture that housed all workloads. As the organization grew, leadership recognized that moving to a multi-account structure would be more sustainable and enable better governance and security controls.
However, implementing this architecture required additional expertise and in-depth knowledge that Apex Networks lacked in-house. To address this gap, Apex engaged DoiT to help leverage IaC, DevOps, and DevSecOps principles to manage AWS account vending and associated security controls. By modernizing deployment methods, Apex Networks sought to reduce operational overhead and establish consistent standards across deployments, laying the foundation to mature its DevOps practice.
The Solution
DoiT’s Cloud Reliability Engineers (CREs) conducted initial discovery sessions to identify key scaling challenges: a single-account architecture that limited granular security controls, labor-intensive compliance audits, and slow, manual deployments on outdated infrastructure.
First, to align with AWS architectural guidelines, the DoiT team applied AWS best practices and implemented a new, dedicated AWS Organizations “management account.” They also deployed AWS Control Tower to enforce and manage governance at scale across AWS Organizations and accounts. DoiT complemented this with custom guardrails tailored to Apex Networks’ workloads and auditing/governance needs. The team integrated these with AWS IAM Identity Center (successor to AWS SSO) and the existing IdP, allowing Apex Networks to manage security controls consistently and automatically.
To address audit and compliance, DoiT built and deployed reusable AWS CloudFormation StackSets to manage security controls consistently across existing and new accounts. This included IAM Access Analyzer, Amazon GuardDuty, and AWS Security Hub, which together delivered a secure, well-governed AWS environment. By enabling monthly access-review reports to support ISO/IEC 27001 auditing, DoiT helped Apex Networks address essential governance and security items ahead of the upcoming audit.
The final step in solving Apex Networks’ scaling challenges was addressing its outdated infrastructure. The previous manual deployment methods created significant operational overhead. DoiT’s CREs provided training, demonstrations, and best-practice documentation on using AWS Systems Manager to deploy and configure Apex Networks’ large Amazon EC2 fleet. To further enhance networking, DoiT performed a network architecture review, recommended improvements, and modernized the deployment approach by creating an IaC template to deploy VPCs, networking, and network-security controls for newly vended accounts. By automating deployments and aligning the infrastructure to DevOps best practices, Apex Networks has significantly reduced operational overhead.
Regular review sessions guided the successful implementation of these strategic improvements. By staying in close collaboration with DoiT, Apex Networks was able to improve and refine its approach continuously. Consequently, Apex Networks achieved significant growth in its DevOps and DevSecOps capabilities, establishing a strong foundation for future iterations of its DevOps practice. Its networking infrastructure was optimized, yielding new efficiencies and improving deployment quality.
The Results
Working with DoiT, Apex prioritized essential governance and security items ahead of the upcoming ISO/IEC 27001 audit, reducing risk and demonstrating readiness. Expert guidance and a quick start with AWS Systems Manager drove operational efficiencies, further reducing overhead.
By implementing security services (e.g., IAM Access Analyzer, Amazon GuardDuty, AWS Security Hub) and DevSecOps principles, the organization’s security posture improved significantly. Modernizing and standardizing the deployment approach led to operational efficiencies for the operations teams, allowing them to focus on higher-value tasks.
Additionally, Apex Networks enhanced its AWS setup and achieved a secure, well-governed environment, enabling the development team to adopt DevOps principles while maintaining required security controls.