Solving a Cost Management Mystery
Leaf Group has been leveraging CloudCheckr’s robust cloud management platform for about five years, predating Felker and team. Yet they began working closely with CloudCheckr about a year ago, when a colleague approached Information Security Engineer Kevin Kang about a cost issue for Society6. Prior to August 2019, the S3 costs for the site were often much higher than expected.
Kang used CloudCheckr to identify problems with the company’s object lifecycle management policy. This helped him find the solution, which was to change storage types. The result: decrease in cost by about 25% year over year.
Those costs have held steady, even with increases in traffic. “One important thing to note is that Society6 has seen a significant increase in traffic compared to last year,” Kang says. “Under the old S3 policy, our costs would likely have increased accordingly. However, the cost has remained remarkably steady throughout 2020.”
When asked why he chose CloudCheckr over the tools in AWS, the decision for Kang was simple. He and his colleagues are specialists in Information Security, but not necessarily in AWS. They needed a single-pane view into the data they needed without having to learn all of the specifics of the vast AWS environment.
“This data is all available in AWS, and you can access it using their native tools, but it’s so complicated and requires you to already know these things when you set it up,” Kang says.
Gaining a Better User Experience
Ease of use is also a factor in the Information Security team’s decision to integrate CloudCheckr in their daily operations. Walter Carbajal, Jr. Security Engineer, handles AWS certificate management and has found that CloudCheckr makes the data simple to access and understand.
“CloudCheckr has been a great asset for me to drill down on certain things. The UI is much easier to use than AWS,” Carbajal says. “Since we have so many accounts, sometimes it’s hard to track down where the certificates are and whether they’re expired or not, so CloudCheckr aggregates these different certificates for all these accounts into one place, to identify any that are expired or misconfigured.”
Having access to the data all in one place helps Carbajal improve time management. Checking back and forth between different accounts and regions takes quite a bit of time and expertise. CloudCheckr saves him from having to check different accounts and regions to find a single piece of information.
“Using CloudCheckr, everything is there in one aggregated account, and even regions,” Carbajal says. “It definitely saves a lot of time when we’re trying to look for something.”
Identifying Security Improvements Across Teams
The ease of use in CloudCheckr has also made it easier for Leaf Group’s Information Security personnel to shore up their cloud security and ensure compliance with standards for selling on AWS Marketplace. According to Felker, CloudCheckr has helped them monitor and address these issues and ensure the right security controls are in place.
For Kang, CloudCheckr’s security features better enable him to log and monitor day-to- day events, such as email alerts.
“We were able to identify some developer teams that had access to a privileged access key that they shouldn’t have had. It was a legacy, hand-me-down thing where it wasn’t tracked properly,” Kang explains. “Because CloudCheckr alerted us to these security events, we were able to launch our own investigation into ‘Where is this coming from? Who is using this?’ and identify the root cause of that issue. We were able to leverage CloudCheckr to start enforcing some stricter policies on the teams.”
By bringing awareness to the organization about these policies, Information Security has been able to get buy-in across departments. Now they can also enforce Multi-Factor Authentication across functions.
These measures serve the overall cloud security strategy on their team and ensure the integrity and security of all of Leaf Group’s brands. Felker says that CloudCheckr will help his team address high-value tactical items in their security strategy, such as reviewing cloud security controls and meeting third-party compliance standards.
Streamline Your Portfolio with CloudCheckr
CloudCheckr CMx is built to support the most complex organizational structures and achieve significant cost savings while ensuring the highest level of public cloud security and compliance.
Through CloudCheckr’s cloud management solutions, Leaf Group has been able to reduce costs, identify security vulnerabilities, and increase efficiency across their diverse portfolio of brands.