LaiZy by TC2: A fully managed, Modular AWS Landing zone solution for enterprises

01 - The challenge

01

The challenge

The public cloud, including the market leader AWS, offers a variation of innovative solutions at a low cost and easily accessible on its platform. Companies, whether small startups or leading multinational enterprises, can consider promising cloud use cases.

However, there are common fears that hinder or completely suppress the realization of these ideas and initiatives. Typically, the two main concerns are: can we provide adequate security and compliance guarantees for solutions running in the cloud without risking our business? The other concern is usually about costs incurred in the cloud: can we properly oversee them, are they predictable, and do we have sufficient control over cost elements?  

How to maintain proper control in our AWS environment while leaving enough freedom for users? What tools and processes need to be in place to achieve this optimal setup? 

In response to these challenges, TC2 has created the LaiZy modular AWS platform solution, utilizing feedback and experience from nearly a decade of project and long-term operational support, working closely with AWS experts. 

02 - The solution

02

The solution

Automation: Automated deployment of all AWS resources, components, and configurations from software code Infrastructure as Code (IaC), and any subsequent changes also made from software code. These software codes are versioned, with change requests implemented through an approval process to ensure that the built systems operate with maximum security.  

Platform architecture: scalable AWS environment setup, customizable for the client according to organizational units, their roles, and interactions. TC2 takes an active role in designing this together with the client.  

Identity and access management:  groups and roles, Single Sign-On system, and identity provider integration design and setup.  

Security: built-in “security by design” basic security settings in the software modules to minimize accidental configuration errors. Our recommended settings are based on standards tested and applied in enterprise banking environments.  

Network design: The established network infrastructure is prepared for hybrid solutions with segmented network and subnet zones, implemented with firewall component set up for layer 3-7 filtering between segments, which is capable of fitting into a zero trust architecture solution, and can connect in a scalable and secure way with other on-premise locations and cloud providers. 

Support: Setup of security and operational monitoring tools to support the live operation of business application systems established in or migrated into LaiZy, events to be monitored, and standard action responses (runbooks) for these. TC2 can provide level 1 or level 2 operational support in collaboration with the client’s professional team. Changes are made to the IaC software configurations as part of the operational support.  

Operation and managed service: TC2 can also provide the LaiZy solution to its clients at a fully managed level, where maintenance, updating, fine-tuning, and if needed, modification of AWS components, updating and maintaining the IaC code all happen as part of the service, in a transparent, easily understandable form.

Related case studies

Sorry, no posts matched your criteria.

See our other case studies!