Contact us
Sign in

Case Study

Apex Networks achieves a secure and well-governed AWS environment leveraging DoiT’s DevOps expertise

Client
Apex Networks Ltd.
Industries
Software
Technologies
Location
Kent, United Kingdom

Leveraging DoiT to mature the DevOps practice, improve governance, observability, and security controls for AWS infrastructure

Apex Networks is a technology company offering advanced networking solutions to transportation and logistics clients since 1999. The company offers a range of services such as network design and implementation, managed services, and support to service providers such as vehicle recovery, patient transport, and windscreen replacement. By leveraging a team of highly skilled engineers and technicians to continuously develop their software, Apex Networks has become a market leader that can deliver high quality, customized solutions to meet the needs of small businesses and large enterprises that want to optimize their networking infrastructure in a digital world.

The brief

Apex Networks faced significant challenges related to the governance, observability, and security controls of their workloads running on AWS public cloud infrastructure. These challenges were compounded by an architecture that had all workloads running within a single AWS account. As the organization and teams grew, Apex’s leadership and IT teams realized that shifting to a multi-account structure would be more sustainable, and allow for better governance and security controls.

However, implementing such architecture required additional expertise and in-depth knowledge that the team at Apex Networks did not have on their IT team. To address the gap in expertise, Apex Networks engaged DoiT to help them leverage IaaC, DevOps, and DevSecOps principles to manage AWS accounts vending and associated security controls. By modernizing their deployment methods, Apex sought to reduce operational overhead while driving a consistent standard across deployments, laying the foundation to continue to mature their DevOps practice in the future.

What we did

DoiT’s Customer Reliability Engineers (CREs) conducted initial review sessions with the customer to quickly identify the key challenges to scale for Apex Networks’ infrastructure: a single account architecture that prevented implementing more granular security controls, laborious and manual compliance audits, and slow, manual deployment methods on an outdated infrastructure.

First, to ensure the existing structure’s compliance with AWS architectural guidelines, the DoiT team applied AWS DevOps best practice to implement a new, dedicated “Management Account”. They also deployed AWS’s Control Tower, a service to enforce and manage governance rules at scale across all organizations and accounts in the AWS Cloud. DoiT complemented this with customized guardrails to meet the customer’s specific workloads and auditing governance needs. The team integrated these with IAM Identity Center and the customer’s existing IdP solution to allow Apex to now manage and maintain their security controls with consistency and automation.

To address challenges with audit and compliance, DoiT then built and deployed reusable AWS CloudFormation Stacksets to manage AWS security controls for existing and new accounts. This included IAM Access Analyzer, GuardDuty, and Security Hub, which together delivered a secure and governed AWS environment. And by enabling monthly access reports to assist with the required auditing for ISO 27001 compliance, DoiT helped Apex address essential governance and security items before Apex’s upcoming audit.

The last piece of solving Apex’s struggle to scale was in addressing its outdated infrastructure. The previous deployment methods were manual and therefore created operational overhead. DoiT’s CREs provided training, demonstration, and best practice documentation for AWS Systems Manager to deploy and configure the Apex’s large EC2 Fleet. To further enhance the networking infrastructure, DoiT also performed a network architecture review, made recommendations, and modernized the deployment approach by creating an IaaC template to deploy VPC, Network, and Network Security controls for newly vended accounts. By automating deployment methods and aligning the infrastructure to DevOps best practices and methodology, Apex is now able to control much more of the team’s operational overhead.

Regular review sessions throughout helped to guide the successful implementation of these key strategic improvements. By staying in close collaboration with DoiT, Apex was able to improve and refine their approach continuously. Consequently, the customer achieved significant growth in their DevOps and DevSecOps capabilities, establishing a strong groundwork for future iterations of their DevOps practice. Their networking infrastructure was successfully optimized within the digital landscape to realize new efficiencies and improvements in the quality of deployments.

The result

Working with DoiT, Apex focused on addressing essential governance and security items ahead of the upcoming ISO 27001 audit, which minimized risk and demonstrated compliance. The advisory and quick start of AWS Systems Manager drove operational efficiencies, further reducing overhead.

By implementing security services such as Network Security and DevSecOps principles, the organization’s security posture improved significantly. The modernization and standardization of the deployment approach and capabilities led to operational efficiencies for the Ops Teams, allowing them to focus on higher-value tasks.

Additionally, Apex Networks enhanced their AWS setup and achieved a secure and governed AWS environment, which enabled the development team to adopt DevOps principles while maintaining the required level of security controls.

Chris White, CTO
“DoiT International’s expertise in DevOps practice and AWS infrastructure management played a significant role in securing and operationalizing our infrastructure at scale. in our decision-making process. Their commitment to delivering cost-effective and optimized solutions, while providing zero-cost support were critical factors in choosing to collaborate with DoiT. With their help, we were able to implement additional automation, improve our security and governance posture, and manage our infrastructure as code in order to simplify version control, maintenance, and automation.”

Related case studies

see all case studies
Let’s do it

From cost optimization to cloud migration, machine learning and CloudOps, we’re here to make the public cloud easy — without the costs.

Ready to get started?

Get in touch

Company

Offering

Support

Never miss an update.

Subscribe to updates, news and more.