For the most part, CloudCheckr is invisible to Railigent’s end customers—but those customers get a better product because CloudCheckr is running, Glöckner says. “In general our goal behind the decision of using cloud based services like AWS is a faster time-to-market,” he says. “CloudCheckr helps us focus on the right things.” The result: End customers get a more secure platform that is also more responsive to their needs.
Keeping Costs on Track
Although security was Glöckner’s primary concern, it was not the only thing Railigent needed to monitor—controlling cloud spend was also important, as well as gaining visibility into how much individual teams were spending on cloud services. Everything needed to work seamlessly across Railigent’s four AWS accounts—sandbox, dev, test and production—as well as be compatible with the company-wide IT rules and guidelines.
Siemens Mobility Services started a Proof of Concept trial with CloudCheckr in December 2016, and started using CloudCheckr in production in mid-2017.
“As soon as it’s set up, you have immediately all the CloudCheckr security recommendations,” Glöckner explains. “The cool thing is it gives you a checklist, and this is combined with reporting functionality, and you can prioritize security problems and say yes, we definitely need to work on this problem first. This is exactly what we did, and that helped us to improve the overall security of our ecosystem.”
Not only did security improve immediately, but so did cost monitoring. One of the first cost-related recommendations CloudCheckr provided, Glöckner remembers, was that Railigent did not need the more expensive RDS Microsoft SQL Server Standard Edition and could save 30-40% in RDS costs by switching to the RDS Microsoft SQL Server Web Edition. “Which is what we did, and we saved the costs,” he says.
Siemens has strict corporate guidelines about how each developer and team should tag cloud resources, but AWS’ billing reports only allow sorting by one tag dimension—not enough granularity for actionable business insights. With CloudCheckr, Siemens gets reports that break down costs based on as many tags as necessary. This makes it possible to track costs by team and project and to manage internal budget allocation in a way that would not be possible otherwise.
Moving Forward with CloudCheckr
Now that Railigent has been up and running on CloudCheckr for over a year, over 100 Siemens employees use CloudCheckr on a regular basis, primarily to check for cloud security vulnerabilities, unexpected costs and to follow up on both security and cost optimization recommendations.
From a cost perspective, team members can look at an instance report and sort by potential cost savings, allowing them to focus on resizing instances where the potential savings are a dollar per hour rather than two cents per hour. Glöckner estimates that Railigent continues to save up to 20% in total cloud costs because of CloudCheckr’s recommendations.
It’s harder to put a value on security improvements, but Glöckner is emphatic that Siemens has had better control over all four AWS accounts from the day CloudCheckr was implemented. The prioritized security checklists CloudCheckr provides make is easy to ensure that Railigent is following best practices and the alerting features means that security vulnerabilities are brought to the team’s attention immediately—and never lead to security breaches.