Resource Security

Signiant Saves Time and Money While Improving Security with CloudCheckr

File transfer provider increases visibility across AWS infrastructure

Saw 91% ROI on RI purchases, with a value of $80,000 recouped over five months
Mitigated risk through CloudCheckr alerts for changes made against AWS security policy
Provided Finance team with self-service access to up-to-date cost information in CloudCheckr

Managing a Growing AWS Environment

Founded in 2000, Signiant moves petabytes of high-value data every day by connecting people, systems, and the cloud. Signiant’s patented file movement solutions serve thousands of media and entertainment companies as well as life sciences researchers, financial services, nonprofits, and other enterprises performing big data analytics. The company runs their services across a variety of cloud infrastructure providers, with Amazon Web Services (AWS) being the main provider.

Early on, Signiant found tracking changes and costs of their AWS accounts manageable. That was when they only had one development account and one production account. As customer demand for their SaaS solutions grew, so did their use of cloud infrastructure.

Within months, Signiant had nine AWS accounts for various departments in the company including pre-sales, development, and production. Tracking changes, forecasting costs and monitoring for security across this many accounts became increasingly difficult and time-consuming. The DevOps team began investigating third-party solutions to help them:

  • Save money by proactively managing costs across their AWS infrastructure
  • Automate the purchasing on reserved instances (RIs) to optimize AWS spend
  • Improve security by managing numerous changes to AWS reserved instances (RIs)
  • Provide the finance team with self-service tools to obtain up-to-date costs for AWS investments

 

Seeing Immediate Return on Investment

After evaluating multiple potential solutions, Signiant decided to take advantage of the risk-free free trial of the CloudCheckr platform to validate that it fully met the company’s needs for managing AWS Reserved Instances (RIs) and both cost and security management.

“From the beginning it was clear that the feature set of CloudCheckr went significantly beyond that of the other applications we were looking at,” says Dave North, the Director of DevOps at Signiant. “Within the first week, the S3 reporting functionality in CloudCheckr alone revealed immediate cost savings that paid for the monthly subscription for CloudCheckr three times over. Combine that with RI tracking and cost forecasting, we had seen enough to make a purchase decision.”

 

Optimizing Spend Through Automated RI Purchasing

AWS offers an auto-scaling feature that adds and removes machines based on demand. Signiant developed a tool to refine their purchase decisions using data from CloudCheckr’s Reserved Instances by Frequency report to automate the purchasing of RIs based on historical resource utilization and predictive analytics sourced from the CloudCheckr platform. This empowers the DevOps team at Signiant to confidently acquire the resources needed at the most effective price point to keep costs down and resource utilization up.

“Leveraging CloudCheckr data in our own homegrown tool, we spent around $80K to purchase 165 RIs in just one minute and got an ROI of 91 percent,” North says. “CloudCheckr showed us that we’ll recoup that $80K in just five months, with the remainder of the year at a pure cost savings.”

“The CloudCheckr change reports and best practice recommendations shows me if access permissions in our security groups for an AWS account provide users greater access than needed to do their job. That lets us immediately fix the vulnerability before it turns into a true security issue.”

 

Dave North, Director of DevOps, Signiant

Improving AWS Security Posture

With multiple AWS accounts and multiple users making changes, Signiant needed greater visibility into those changes to monitor for security issues. They use the Daily Change reports, alerts and CloudCheckr Best Practices to look for security holes introduced by changes made during the previous 24 hours. CloudCheckr also alerts Signiant by email when a change goes against AWS security policy. At that point, Signiant approves or rejects the change based on how it impacts the business and security.

“The CloudCheckr change reports and best practice recommendations shows me if access permissions in our security groups for an AWS account provide users greater access than needed to do their job,” explains North. “That lets us immediately fix the vulnerability before it turns into a true security issue.”

As well as being a security auditing feature, the change monitoring capabilities also helps to uncover potential hidden costs. Personnel creating the AWS instances often don’t fully understand the cost implications, so CloudCheckr allows for instant follow-up on these cases. For example, the visibility in CloudCheckr helped Signiant identify potential security issues when a developer spun up very large AWS instances so that they could take back control of their cloud environment.

 

Unifying DevOps & Finance Around AWS Cost Management

As the company’s AWS cloud infrastructure has grown, Signiant has found it increasingly difficult to provide the frequent cost updates for each AWS account requested by Signiant’s Finance team. In the past, they had to manually pull together data from numerous different accounts to satisfy each request. With RIs coming on- and offline as demand dictated, Signiant was trying to pin down a static number for each account from a dynamic, moving target. The process had become unmanageable and the information only accurate for a point in time. CloudCheckr allows Signiant to provide the Finance team with “self-service” access to its up-to-date cost information.

“Because we now have continuous visibility across all our AWS accounts within CloudCheckr, it’s easy for Finance to see where the spend is and helps create accountability across key stakeholders,” says North. “I think the Finance team now uses CloudCheckr as much or more than I do!”

 

Going Above and Beyond with Customer Support

Having previously worked in customer support services, the Signiant team recognizes good customer service when they experience it.

 “The support team worked with me to quickly resolve any issues we found,” says North, “going the extra mile to perform incredibly quick patch rollouts where needed. When we were less familiar with certain CloudCheckr features, they even offered us one-on-one training. Every interaction with the CloudCheckr support team ranks up there as one of the best experiences I’ve had with any vendor.”

CloudCheckr continues to exceed Signiant’s expectations.

See CloudCheckr CMx in Action

Schedule a demo to learn how you can get started with CloudCheckr.

Download Case Study