TC2 LaiZy Modular AWS Platform Solution

In response to these challenges, TC2 has created the LaiZy modular AWS platform solution, utilizing feedback and experience from nearly a decade of project and long-term operational support, working closely with AWS experts.  

TC2 LaiZy for Enterprise 

Based on several iterations of large complex hybrid Cloud migrations for our customers, we have created LaiZy for Enterprise to make sure companies can avoid the pitfalls of the Cloud journey from architecture, operating model and governance perspective. Our solution was tested with Banks and Telco companies with rigorous IT security and compliance requirements and is tailored for hybrid or multicloud scenarios where traditional systems have to integrate with each other between sites on filesystem, network and API level. 

What’s included in our services: 

Automation: Automated deployment of all AWS resources, components, and configurations from software code Infrastructure as Code (IaC), and any subsequent changes also made from software code. These software codes are versioned, with change requests implemented through an approval process to ensure that the built systems operate with maximum security.   

Platform architecture: scalable AWS environment setup, customizable for the client according to organizational units, their roles, and interactions. TC2 takes an active role in designing this together with the client.   

Identity and access management: groups and roles, Single Sign-On system, and identity provider federation and integration design and setup.   

Security: built-in “security by design” basic security settings in the software modules to minimize accidental configuration errors. Our recommended settings are based on standards tested and applied in enterprise banking environments.   

Network design: The established network infrastructure is prepared for hybrid solutions with segmented network and subnet zones, implemented with firewall component set up for layer 3-7 filtering between segments, which is capable of fitting into a zero trust architecture solution, and can connect in a scalable and secure way with other on-premise locations and cloud providers.  

Support: Setup of security and operational monitoring tools to support the live operation of business application systems established in or migrated into LaiZy, events to be monitored, and standard action responses (runbooks) for these. TC2 can provide level 1 or level 2 operational support in collaboration with the client’s professional team. Changes are made to the IaC software configurations as part of the operational support.   

Operation and managed service: TC2 can also provide the LaiZy solution to its clients at a fully managed level, where maintenance, updating, fine-tuning, and if needed, modification of AWS components, updating and maintaining the IaC code all happen as part of the service, in a transparent, easily understandable form. 

FinOps: cost optimization analysis live dashboard, which is suitable for managing split cost and chargeback modeling in a large organization using shared Cloud resources between business units. 

Security dashboard: based on AWS Security Lake technology, incorporating major information sources from AWS platform to a live dashboard to analyze meaningful insights in logs and events. The solution is open to ingest further information from application logs or other platforms in OCSF format. 

This solution is recommended for companies with large organizations, complex IT landscape with many integrations and dependencies, or for merge and acquisition cases to support a carve out or merge scenario. 

TC2 LaiZy for digital natives 

Digital native companies often have a greater flexibility and can afford to run their entire IT platform and assets on one platform, often in the Cloud. We have created our solution for them, with a lightweight, yet secure and scalable solution which is perfect to get started their Cloud journey with. Our idea is that no matter how small project you start in AWS, you should have the right foundations to build upon, in case your project outgrows itself. 

What’s included in our services: 

Automation: Automated deployment of all AWS resources, components, and configurations from software code Infrastructure as Code (IaC), and any subsequent changes also made from software code. These software codes are versioned, with change requests implemented through an approval process to ensure that the built systems operate with maximum security.   

Platform architecture: scalable AWS environment setup, customizable for the client according to organizational units, their roles, and interactions. TC2 takes an active role in designing this together with the client.   

Identity and access management: groups and roles, Single Sign-On system, and identity provider design and setup using built-in AWS technologies.   

Security: built-in “security by design” basic security settings in the software modules to minimize accidental configuration errors. Our recommended settings are based on standards tested and applied in enterprise banking environments.   

Network design: The established network infrastructure is prepared for modern application solutions with segmented network and subnet zones, implemented web application firewall for layer 7 network security on the API level, which is the widely accepted and used for modern web applications.  

Support: Setup of security and operational monitoring tools to support the live operation of business application systems established in or migrated into LaiZy, events to be monitored, and standard action responses (runbooks) for these. TC2 can provide level 1 or level 2 operational support in collaboration with the client’s professional team. Changes are made to the IaC software configurations as part of the operational support.   

Operation and managed service: TC2 can also provide the LaiZy solution to its clients at a fully managed level, where maintenance, updating, fine-tuning, and if needed, modification of AWS components, updating and maintaining the IaC code all happen as part of the service, in a transparent, easily understandable form. 

FinOps: cost optimization analysis to follow monthly trends in AWS incurred cost details. 

Security dashboard: based on AWS Security Hub, the top compliance and security rules are highlighted and are integrated with the alerting notification system. 

This solution is recommended for companies, who want to start their Cloud journey with rapid and lightweight steps but still need to have a strong control over security and costs.