Philadelphia Area: (610)558-1730
Toll Free: (888)330-5378

Nettology Case Study


A company faces increasing costs and security concerns

Company A runs a Business Analytics Consulting Platform and has both Fortune 500 companies and mid-market clients. Their business infrastructure is currently running on Amazon Web Services (AWS) and  provides services to their clients, staff and development teams through a web-based 3- tier application.


The Challenges

Runaway Costs: As the company grew, their infrastructure quickly grew from 10 to 30 servers. The company which once benefited by the flexibility of the AWS cloud, has seen their monthly cost quadruple In a very short time.

Security Concerns: Consultant turnover led to misplaced passwords and security keys. Concern for general user security was growing and there was no methodology for restricting access to AWS resources.

Design Issues: Many of the company servers were open to the outside world. While their password policy was strict, traditional best practices of “locking down” networks were not followed during the design phase.

The Nettology Solution

The client initially hired the Nettology team to do an AWS billing assessment. Nettology consultants conducted a detailed cost analysis, and uncovered a $30,000 annual savings without any up-front costs. Pleased with the results, the client re-engaged Nettology.  Security concerns and several critical design issues in the environment were discovered.
After turning on logging capabilities, it was discovered that several users were logging in to the AWS console with the original admin ID and password. The Nettology team, in conjunction with Company A’s IT Director, identified the users and created unique, traceable usernames, and as well as implementing a multi-factor authentication process for accessing AWS resources. Nettology implemented Role-Based Security to ensure that access keys were not embedded in applications — which would make them available if compromised.
The Nettology team saw the presence of a VPN, but it was not being utilized. Virtually every server was available on the public internet through various ports including RDP, SSH and Microsoft infrastructure ports. Beginning with the testing and staging environments, Nettology redesigned the security on the networks and servers and ensured that the client and their Internet facing application had no downtime.


The Result

Company A achieved significant AWS cost-savings, lowered their risk significantly, and now has process and methodology in place for future growth — all  thanks to Nettology’s experts. For more information on Network Security Assessments and how they can help your company, click here.