Case Study: AWS Landing Zone for Penzilla in 3 weeks

Michael Kutsch
Published in Make It New · 4 min read · Sep 14, 2023

Every cloud setup needs a proper landing zone — Photo by Lukas Souza on Unsplash

Especially in an IT startup context, time to market and fast delivery are everything. When it comes to the fundamentals of a cloud-based setup, such as governance, monitoring, networking and cost control, you pay for all the compromises later down the road, and it’s usually very time-consuming to re-implement the basics.

This is especially significant in a regulated context, where compromises on data privacy and GDPR compliance are not up for debate.
This case study shows how Netlight and Penzilla collaborated to deliver a state-of-the-art AWS landing zone, including workload migration, in only three weeks, ensuring fast delivery based on a high-quality cloud setup.

Penzilla is an ambitious early-stage fintech startup determined to disrupt the corporate pension industry through automation. Their vision is to provide companies with a seamless and efficient way to manage employee pensions using a Software-as-a-Service (SaaS) solution. In pursuit of compliance and data security, Penzilla’s top priority was to ensure their SaaS platform adhered strictly to the General Data Protection Regulation (GDPR) guidelines, while having a platform that easily scales on AWS.

To achieve this, Penzilla enlisted the expertise of Netlight to help set up an AWS Landing Zone based on industry best practices using AWS Control Tower and AWS Landing Zone Accelerator.

Netlight initiated the engagement by starting comprehensive discussions with the Penzilla team. The team aimed to gain a deep understanding of the startup’s business objectives, technical requirements, and unique challenges associated with handling sensitive financial and personal data. Penzilla emphasized the importance of a secure, scalable, and GDPR-compliant SaaS platform that would cater to the diverse needs of various corporate clients of different sizes.

Partner Solution: With a clear understanding of Penzilla’s goals and regulatory requirements, Netlight set out to design a cutting-edge Landing Zone solution. The team architected the platform on AWS, leveraging its robust security features, scalability, and compliance capabilities. Special attention was given to implementing data encryption, access controls, and audit trails to safeguard user information while meeting GDPR requirements.

Netlight designed a centralized logging and monitoring system to track and analyze all activities within the SaaS platform, including centralized AWS CloudWatch Logs and AWS CloudTrail logs. This enabled real-time detection of potential security breaches or data misuse, ensuring timely responses and compliance with GDPR’s reporting requirements. Additionally, security services like Security Hub, GuardDuty, Macie and Audit Manager can be centralized in a dedicated Audit Account so only permitted people can access it.

To prevent unauthorized access to sensitive data, Netlight implemented multi-tier access controls. Only authorized personnel with specific roles were granted access to critical data. Additionally, data-at-rest and data-in-transit were encrypted, ensuring that even in the event of a breach, the data would remain protected.

With the centralized logging and monitoring systems in place, Penzilla is prepared to establish a routine security assessment and compliance audit process.

Penzilla’s AWS Organization — incl. a central network account for centralized egress using AWS Transit Gateway and redundant NAT Gateways

To accommodate Penzilla’s growing client base, Netlight designed the Landing Zone to be highly scalable and performance-oriented. The low-code capabilities and account vending features of AWS Landing Zone Accelerator will help Penzilla to easily scale and manage their Landing Zone from a central place as code, which is transparent, auditable and secure.

Recognizing the importance of knowledge transfer, Netlight conducted comprehensive training sessions for Penzilla’s technical and operational teams. The training covered best practices for AWS Landing Zones and using CDK to migrate their existing workloads to a multi-account setup, empowering Penzilla’s team to maintain and expand their platform with confidence.

Results and Benefits: Through the collaboration with Netlight, Penzilla achieved several significant outcomes:

  1. A long-term solution for an AWS Landing Zone with a multi-account setup in only three weeks, using AWS best practices with AWS Landing Zone Accelerator and AWS Control Tower
  2. AWS Identity Center for SSO to enforce security standards like password policies and multi-factor authentication company-wide, reducing on- and offboarding cost and increasing the security of the AWS-based platform
  3. Centralizing the network with the centralized egress/decentralized ingress pattern will help to secure the network traffic of Penzilla’s workload and keep the setup cost-efficient (saving ~30% of cost on AWS VPC components)
  4. Migrating their manually managed infrastructure to AWS CDK incl. upskilling of Penzilla’s development team for faster time to market
  5. GDPR Compliance: The Landing Zone Setup was designed, developed, and operated in full compliance with GDPR regulations, instilling trust and confidence in Penzilla’s corporate clients.
  6. Scalability and Performance: The scalable architecture enabled Penzilla to handle increased demand seamlessly, supporting their rapid growth and expansion.

By partnering with Netlight, Penzilla successfully took the next step in their vision of automating corporate pension management through a GDPR-compliant setup on AWS. Netlight’s expertise in AWS-based solutions, GDPR compliance, and data security proved instrumental in creating a robust and scalable solution that addressed the specific needs of Penzilla’s fintech startup. As Penzilla continues to disrupt the corporate pension industry, they can rely on their secure and compliant AWS setup to drive innovation and build lasting relationships with their clients.

About the Partner — Netlight: Netlight, an IT and Management consultancy company and AWS Advanced Tier Services Partner, operates with a unique commitment to an open and collaborative atmosphere. The organization’s extensive network of skilled AWS professionals, located across various global hubs, makes it a top choice for tackling complex IT challenges. Netlight’s partnership with Penzilla exemplified their expertise in crafting innovative, scalable, and practical solutions in the realm of AWS Landing Zones.

AWS Cloud Architect, SRE, SecDevOps, Cloud Security, Consultant@Netlight