Compliance and governance
The proprietary DFX5 Cloud Governance Framework (CGF) provides a complete guidebook for governing cloud resources. The massive explosion of cloud services and the data that accompanies it, requires a proper set of governance rules and regulations. These guidelines meet and exceed industry specific requirements by establishing best-practices for managing cloud resources.
Invest at the beginning and save a lot of effort & time in the future
At DFX5, we evaluate your business potential of proper cloud governance by using a multi-disciplinary approach that takes into considerations the different perspectives and objectives of business, technical, and subject matter experts. The evaluation phase of the CGF includes a total cost of ownership calculation that provides a transparent overview of costs and a series of actionable tasks for cost reduction. At DFX5, our experienced team guides your journey to cloud governance following the key-pillars of the AWS Well Architected Framework.
Oftentimes, companies are focused on the quick wins and instant added value but forget to do the simple things that sustain the building blocks of growth. While at first these oversights might not be problematic, as the organization grows, the misconfigured resources begin to create nuisances that can become problematic. These situations tend to boil over once a surprising and unexpected bill is invoiced and no one can claim responsibility for the over-provisioning of resources. In our experience, the lack of the proper configuration of governance guidelines enables these painful situations that lead to unproductive work environments. At DFX5, we use our experience to assist your company avoid industry pitfalls by establishing proper governance principles from the start and following up on compliance.
The CGF is an iterative methodology that serves as the overarching guiding force for all cloud products and services. Compliance with CGF is mandatory and any deviation is identified and alerted for correction. The result is that the organization can manage billing, allocate resources, provision services, and control all aspects of the cloud. With this approach design, your firm can achieve a portfolio rationalization in a shorter time but maintain a proper balance between innovation and security.
At DFX5, we configure the whole set of services supporting governance, from user management to industry-compliance, and everything in between. The CGF utilizes a variety of services including AWS Config, AWS Organizations, AWS Trusted Advisor, AWS Service Catalogue, AWS IAM, AWS CloudWatch, AWS CloudTrail and many more.
Within AWS ecosystem we use the concept of a landing zone, as a virtual environment with a variety of services, permissions, and data ready to be used. However, as organization grew, the complexity of managing the landing zones became a burden. To proper manage and configure all necessary landing zones, AWS launched a managed service called AWS Control Tower for an easy and seamless managing experience.
What is AWS Control Tower?
AWS Control Tower provides the easiest way to set up and govern a secure, compliant, multi-account AWS environment based on best practices established by working with thousands of enterprises. With AWS Control Tower, end users on your distributed teams can provision new AWS accounts quickly, but still in a control way. Meanwhile your central cloud administrators will know that all accounts are aligned with centrally established, company-wide compliance policies.
AWS Control Tower has the following features:
- Landing zone – A landing zone is a well-architected, multi-account AWS environment that’s based on security and compliance best practices. This is the enterprise-wide container that holds all of your organizational units (OUs), accounts, users, and other resources that you want to be subject to compliance regulation. A landing zone can scale to fit the needs of an enterprise of any size.
- Guardrails – A guardrail is a high-level rule that provides ongoing governance for your overall AWS environment. It’s expressed in plain language. Two kinds of guardrails exist: preventive and detective. Three categories of guidance apply to the two kinds of guardrails: mandatory, strongly recommended, or elective.
- Account Factory – An Account Factory is a configurable account template that helps to standardize the provisioning of new accounts with pre-approved account configurations. AWS Control Tower offers a built-in Account Factory that helps automate the account provisioning workflow in your organization.
- Dashboard – The dashboard offers continuous oversight of your landing zone to your team of central cloud administrators. Use the dashboard to see provisioned accounts across your enterprise, guardrails enabled for policy enforcement, guardrails enabled for continuous detection of policy nonconformance, and noncompliant resources organized by accounts and OUs.
DFX5 has experience setting up a variety of AWS Control Towers using best practices from the field of cloud governance. We bring cloud governance early in the process of cloud journey for facilitating experiments with the AWS services in a controlled sandbox environment, with a proper pipeline for code development, integration, testing, and eventual deployment. Typical engagements begin with proofs of concepts that are tested to check for validity and compliance. DFX5 experienced team helps you identify key stakeholders and organizational units, prepare methods to govern your cloud initiatives, setup AWS Control Tower including AWS Organizations, AWS Config, AWS Single Sign-On, and be supportive your governmental teams (for example compliance or enterprise architecture team).
DFX5 is a global company with offices in Miami, Prague, and San Juan. Focused on technology consulting, DFX5 specializes in the use of innovative solutions, offered by Amazon Web Services. The DFX5 team is composed of cloud experts who are certified as Solutions Architects, Professionals, and Specialists in fields like Data, Analytics, Machine Learning, and more.
DFX5 delivers best-in-class solutions following best-practices and well-architected frameworks. Our proven success with Fortune 500 companies around the world is a testament to the utmost commitment we have with our clients. At DFX5 we are honored that our clients bestow upon us the confidence to manage their technology infrastructure. We are emboldened to continue growing and expanding our services following our proven methodologies.
Do not hesitate to contact us, and we can emerge on the journey together!