TC2 LaiZy Modular AWS Platform Solution

01 - The challenge
01
The challenge
The public cloud, including the market leader AWS, offers a variation of innovative solutions at a low cost and easily accessible on its platform. Companies, whether small startups or leading multinational enterprises, can consider promising cloud use cases.
However, there are common fears that hinder or completely suppress the realization of these ideas and initiatives. Typically, the two main concerns are: can we provide adequate
security and compliance guarantees for solutions running in the cloud without risking our business? The other concern is usually about costs incurred in the cloud: can we properly oversee them, are they predictable, and do we have sufficient control over cost elements?
How to maintain proper control in our AWS environment while leaving enough freedom for users? What tools and processes need to be in place to achieve this optimal setup?
02 - The solution
02
The solution
In response to these challenges, TC2 has created the LaiZy modular AWS platform solution, utilizing feedback and experience from nearly a decade of project and long-term operational support, working closely with AWS experts.
TC2 LaiZy for Enterprise
Based on several iterations of large complex hybrid Cloud migrations for our customers, we have created LaiZy for Enterprise to make sure companies can avoid the pitfalls of the Cloud journey from architecture, operating model and governance perspective. Our solution was tested with Banks and Telco companies with rigorous IT security and compliance requirements and is tailored for hybrid or multicloud scenarios where traditional systems have to integrate with each other between sites on filesystem, network and API level.
What’s included in our services:
Automation: Automated deployment of all AWS resources, components, and configurations from software code Infrastructure as Code (IaC), and any subsequent changes also made from software code. These software codes are versioned, with change requests implemented through an approval process to ensure that the built systems operate with maximum security.
Platform architecture: scalable AWS environment setup, customizable for the client according to organizational units, their roles, and interactions. TC2 takes an active role in designing this together with the client.
Identity and access management: groups and roles, Single Sign-On system, and identity provider federation and integration design and setup.
Security: built-in “security by design” basic security settings in the software modules to minimize accidental configuration errors. Our recommended settings are based on standards tested and applied in enterprise banking environments.
Network design: The established network infrastructure is prepared for hybrid solutions with segmented network and subnet zones, implemented with firewall component set up for layer 3-7 filtering between segments, which is capable of fitting into a zero trust architecture solution, and can connect in a scalable and secure way with other on-premise locations and cloud providers.
Support: Setup of security and operational monitoring tools to support the live operation of business application systems established in or migrated into LaiZy, events to be monitored, and standard action responses (runbooks) for these. TC2 can provide level 1 or level 2 operational support in collaboration with the client’s professional team. Changes are made to the IaC software configurations as part of the operational support.
Operation and managed service: TC2 can also provide the LaiZy solution to its clients at a fully managed level, where maintenance, updating, fine-tuning, and if needed, modification of AWS components, updating and maintaining the IaC code all happen as part of the service, in a transparent, easily understandable form.
FinOps: cost optimization analysis live dashboard, which is suitable for managing split cost and chargeback modeling in a large organization using shared Cloud resources between business units.
Security dashboard: based on AWS Security Lake technology, incorporating major information sources from AWS platform to a live dashboard to analyze meaningful insights in logs and events. The solution is open to ingest further information from application logs or other platforms in OCSF format.
This solution is recommended for companies with large organizations, complex IT landscape with many integrations and dependencies, or for merge and acquisition cases to support a carve out or merge scenario.
TC2 LaiZy for digital natives
Digital native companies often have a greater flexibility and can afford to run their entire IT platform and assets on one platform, often in the Cloud. We have created our solution for them, with a lightweight, yet secure and scalable solution which is perfect to get started their Cloud journey with. Our idea is that no matter how small project you start in AWS, you should have the right foundations to build upon, in case your project outgrows itself.
What’s included in our services:
Automation: Automated deployment of all AWS resources, components, and configurations from software code Infrastructure as Code (IaC), and any subsequent changes also made from software code. These software codes are versioned, with change requests implemented through an approval process to ensure that the built systems operate with maximum security.
Platform architecture: scalable AWS environment setup, customizable for the client according to organizational units, their roles, and interactions. TC2 takes an active role in designing this together with the client.
Identity and access management: groups and roles, Single Sign-On system, and identity provider design and setup using built-in AWS technologies.
Security: built-in “security by design” basic security settings in the software modules to minimize accidental configuration errors. Our recommended settings are based on standards tested and applied in enterprise banking environments.
Network design: The established network infrastructure is prepared for modern application solutions with segmented network and subnet zones, implemented web application firewall for layer 7 network security on the API level, which is the widely accepted and used for modern web applications.
Support: Setup of security and operational monitoring tools to support the live operation of business application systems established in or migrated into LaiZy, events to be monitored, and standard action responses (runbooks) for these. TC2 can provide level 1 or level 2 operational support in collaboration with the client’s professional team. Changes are made to the IaC software configurations as part of the operational support.
Operation and managed service: TC2 can also provide the LaiZy solution to its clients at a fully managed level, where maintenance, updating, fine-tuning, and if needed, modification of AWS components, updating and maintaining the IaC code all happen as part of the service, in a transparent, easily understandable form.
FinOps: cost optimization analysis to follow monthly trends in AWS incurred cost details.
Security dashboard: based on AWS Security Hub, the top compliance and security rules are highlighted and are integrated with the alerting notification system.
This solution is recommended for companies, who want to start their Cloud journey with rapid and lightweight steps but still need to have a strong control over security and costs.
Other solutions

TC2 MigrEase – the migraine free migration solution
The use of cloud computing and digitalization is a prerequisite for improving the efficiency of business operations, the ability to adapt to market changes, the development of elasticity agility and optimal cost structures.

Machine Learning Solutions
Today's data-driven expectations place an increasing demand for the application of an integrated automatic decision model based on machine learning in the case of modern software. During its complex learning, Machine Learning (ML) can confidently absolve complex decision-making processes in hundredths of a second, which consumes extra time for human control and often presents the operators with an opaque, complex consideration situation, and cannot serve even a sudden increase in demand in this way.

DevOps
Automation is the key to the efficient functional expansion and operation of IT systems. Whether it is the development of a new function, preparation against attacks or other operations, the possibility of automatically building application environments, the automatic testing of our application and the promotion of versions between environments with minimal human intervention are now basic expectations in terms of competitiveness.