services

AWS Best Practices

I grew up in the cloud. Let me architect your infrastructure.

Don’t worry if your software will collapse when you add new customers. I will help you build a scalable system that’s hard to hack and fast.

AWS Is Complex

Far too many companies expect that moving to “the cloud” is a simple and effective way to offload technology risk. In fact, many cloud vendors make it clear that security of the cloud is what they do. Security in the cloud is still your company’s responsibility.

That means you need to correctly design, implement and secure all the cloud infrastructure that you use. You need a cloud-first architect helping you.

I have seen too many companies that expect their infrastructure to simply continue to work. Then they double their customers and everything freezes up and crashes. I’ve also seen companies that expect nothing can go wrong in the cloud - and then they lose their business because of a server crash.

If you don’t understand the complexities of VPCs, EC2 instances, GuardDuty, CloudHSMs, CloudWatch Logs, and other AWS services, then you need an expert. I am certified at the highest level by AWS to provide this service to you.

I specialize in both rebuilding existing AWS infrastructure as well as starting from scratch. I’m no stranger to the complexities of database and application migrations.

What I’ll Provide

I will do a complete audit on your existing cloud infrastructure. This means:

  • Identifying single points of failure (SPOFs)
  • Reviewing backup and restoration
  • Reviewing configuration against the AWS Well Architected Framework
  • Suggesting changes and prioritizing the most needed based on your business needs
  • Implementing a proper multi-account strategy
  • Consolidating logging and alerting into a single account
  • Limiting the potential blast radius from mistakes and attacks

How I Provide It

Utilizing AWS native tools, I will upgrade your existing AWS accounts and infrastructure to follow best practices. I will provide your engineering team with adequate training in the new processes to increase your security.

I use AWS’ own systems for ongoing monitoring, setting up monitoring in CloudWatch, CloudTrail, and setting Billing Alerts.

I strongly believe in using services like AWS Config, GuardDuty, and Trusted Advisor to right-size your cloud spend.

I also have a plethora of third-party tools that I have used successfully to secure cloud infrastructure for companies of many sizes.

Do you need cloud help?

Become a client