Have You Completed an AWS Well-Architected Framework Review Lately?

Amazon first introduced customers to its AWS Well-Architected Framework in 2020 in the form of a whitepaper designed to help cloud architects build secure, high-performing, resilient and efficient infrastructure for their applications and workloads. As my colleague Ty Annen outlined in his Annual Performance Review blog post back in June, The AWS Well-Architected Framework is divided into five pillars of architectural best practices:

  1. Operational Excellence
  2. Security
  3. Reliability
  4. Performance Efficiency
  5. Cost Optimization

The AWS Well-Architected Framework has rapidly expanded to include domain-specific lenses, hands-on labs, and the AWS Well-Architected Tool, all of which provide a consistent approach for AWS cloud users to evaluate architectures and implement designs that can scale over time.

Once a Well-Architected Framework has been established, Amazon encourages customers to keep their cloud environments finely tuned by regularly evaluating their AWS workloads, identifying high risk issues and making and recording their necessary improvements. It provides a way for you to consistently measure your architectures against best practices and identify areas for improvement.

How it Works

The AWS Well-Architected Framework Review, often called the “AWS WAFR”, was developed to help IT professionals, operations staff and anyone with a cost interest to evaluate the workload and implement improvements for future workloads. AWS advises customers to complete the Framework Review quarterly.

As an AWS Advanced Consulting Partner and member of the AWS Well-Architected Partner Program, Lightstream has deep AWS knowledge and is certified to deliver an AWS Well-Architected Review that includes strategies to help you compare your workloads against best practices and obtain guidance to produce stable and efficient systems.

Prior to your Well-Architected Review, Lightstream can help you identify a priority workload to evaluate. Then together we’ll take a deep dive into that critical workload and provide recommendations as well as a roadmap to making the recommended modifications. Once you implement the modifications, you will receive credit funding from AWS to cover the cost of the Review and remediate.

It’s not uncommon for overworked and understaffed business leaders and IT professionals to put off performing Well-Architected Reviews. They think, everything is running smoothly so why try to fix something that isn’t broken? But the truth is, no matter how well your environment seems to be performing or how much you’ve managed to improve processes and increase your organization’s efficiency, you have the opportunity to do it even better.

The bottom line is this: you have a duty to correct misconfigurations and proactively avert security threats and financial and operational inefficiencies. And between new instances, changing security groups, and updated service offerings, you must make sure that your organization is maximizing every opportunity for savings and automation. The longer you put off Well-Architected Reviews, the greater your organization’s vulnerability is to cybersecurity attacks and getting bypassed by your competition.

Contact Lightstream to find out how Well-Architected Framework Reviews can optimize and update your AWS cloud environment, ultimately helping your organization to cut costs, increase revenue, ensure compliance, go to market faster and increase the quality of your products and services.

 

Introducing Well-Architected Framework Workshops from Microsoft Azure

Microsoft began familiarizing customers with its Azure Well-Architected Framework in 2020 in order to help customers design and build secure, scalable, high-performing solutions in Azure and to effectively and consistently optimize workloads. As I outlined in my Annual Performance Review blog post back in June, the Azure Well-Architected Framework is divided into five pillars of architectural best practices:

  1. Cost Management
  2. Operational Excellence
  3. Performance Efficiency
  4. Reliability
  5. Security

Once a Well-Architected Framework has been established, Microsoft encourages Azure customers to keep their cloud environments finely tuned by having periodic reviews performed against Azure best practices as well as specific business priorities in their cloud journey.

In August, Microsoft started offering Well-Architected Framework Technical Workshops for qualifying Azure customers. Each of the workshops in the series focuses on a different best practice pillar. It is recommended that reviews be performed quarterly, however Microsoft offers eligible customers fully funded workshops once a year.

How it Works

As a Microsoft Gold Cloud Platform Partner, Lightstream has deep Azure knowledge and is certified to help assess and analyze your architecture with Azure’s Well-Architected Review tool to identify risks.

Workshops begin with an evaluation of that specific aspect of your cloud environment – i.e., operational excellence, performance efficiency, reliability or security, depending on the workshop. As you complete the assessment, you’re provided a score for each pillar that you chose to evaluate and an aggregate score across the entire workload. Then we’ll advise what actions should be taken for optimization and create a plan to implement the prioritized, and funded recommendations.

It’s not uncommon for overworked and understaffed business leaders and IT professionals to put off performing Well-Architected Reviews. They think, everything is running smoothly so why try to fix something that isn’t broken? But the truth is, no matter how well your environment seems to be performing or how much you’ve managed to improve processes and increase your organization’s efficiency, you have the opportunity to do it even better.

The bottom line is this: you have a duty to correct misconfigurations and proactively avert security threats and financial and operational inefficiencies. And between new instances, changing security groups and updated service offerings, you must make sure that your organization is maximizing every opportunity for savings and automation. The longer you put off Well-Architected Reviews, the greater your organization’s vulnerability is to cybersecurity attacks and getting bypassed by your competition.

Contact Lightstream to find out how Well-Architected Framework Technical Workshops can optimize and update your Azure cloud environment, ultimately helping your organization to cut costs, increase revenue, ensure compliance, go to market faster and increase the quality of your products and services.

 

Faster, More Reliable Content Distribution at a Lower Cost? Thank you CloudFront

Those of us old enough to remember downloading songs from Napster will recall how frustrating it could be due to the time-consuming, constant buffering process. Fast forward to 2021, when nearly everyone has access not only to streaming music on demand, but endless video content from Amazon Prime, Netflix, Hulu and an ever- growing variety of media apps. It’s never been easier or faster to listen to music or view content whenever and wherever we desire it.

The reason for this huge jump in speed and convenience is content delivery networks, or CDNs. Once only afforded by large corporations like Apple and Facebook, the cloud now gives organizations of all sizes cost-effective access to CDNs. Amazon first introduced its CloudFront CDN back in 2008, and it has evolved into an easy-to-use, convenient add-on for AWS cloud customers. Today, Amazon CloudFront delivers content to end users with lower latency using a global network of 225+ Points of Presence (215+ Edge locations and 13 regional mid-tier caches) in 90 cities across 47 countries. CloudFront customers enjoy three distinct advantages: an enhanced user experience, financial optimization (FinOps) and greater security.

Enhancing the User Experience

End users are provided faster, more reliable content when it’s hosted on a CDN. That’s because the global network of edge locations puts the content physically closer to the user, whether that content is high-def videos or documents and data used for business applications. CloudFront also leverages Amazon’s highly resilient, fully redundant, global backbone network for superior performance and availability for end users. Moreover, it automatically maps network conditions and intelligently routes a user’s traffic to the most performant AWS edge location to serve up cached or dynamic content.

But most users aren’t aware of all of that. All they know is that they’re able to set their eyes (and/or ears) on whatever documents or rich media content they’re seeking without hassle or interruption. And as we know, this has become the expectation. Organizations simply can’t afford to deliver anything other than a seamless user experience.

Harnessing Cost Savings, or FinOps

AWS customers who use CloudFront benefit from a cost-efficient and customizable pay-as-you-go model. Keeping everything “in house” with AWS means there are no transfer fees for origin fetches from any AWS origin (or server). And at no additional charge, AWS Certificate Manager (ACM) lifts the burdensome process of purchasing, uploading and renewing SSL/TLS certificates. Simply put, the data-out charge you pay on AWS is cheaper when you use CloudFront (versus a competitive product).

Earlier this year, Amazon introduced the CloudFront Security Savings Bundle, which, in exchange for a monthly spend commitment, provides businesses with up to 30% savings on their CloudFront bill. Customers looking to take advantage of even steeper discounts and custom pricing can do so by agreeing to minimum traffic commitments typically in the area of 10 TB/month or higher.

Augmenting Security

CloudFront adds an extra layer of protection for websites, as the CDN puts additional security features at the edge location. AWS Shield Standard uses application-level and network-level security assets to keep data safe against common network and transport layer DDoS attacks. Organizations wishing to protect against more complex infrastructure attacks have the option to add products such as AWS Shield Advanced and AWS Web Application Firewall (WAF).

Contact Lightstream today to find out how we can help you implement Amazon CloudFront and integrate it with other AWS services such as AWS Shield for DDoS mitigation, Amazon S3, Elastic Load Balancing or Amazon EC2 as origins for your applications and Lambda@Edge to further enhance the user experience by running custom code to personalize content and improve latency.

MID-YEAR FOLLOW UP: 2021 Security Anti-Predictions

Back in January, we took a slightly different approach to the annual trend prediction blog post and instead sounded off about what the cybersecurity community predicted would NOT happen in 2021. At the time, industry veteran and Vice President of Security Strategy at Lightstream, Rafal Los took to social media to ask, “What’s the thing that probably won’t happen in cybersecurity in 2021?” Now that we’re midway through the year, we wanted to check in and see how accurate their anti-predictions were.

Tied for #1: Password Elimination & Meaningful Asset Management

Raf’s social media followers resoundingly agreed in January that we wouldn’t see an end to passwords as a means to protect our assets, and it shouldn’t come as a surprise to anyone that this forecast was 100% accurate. We still don’t have a better way to protect our personal and enterprise data, as thumb print and facial recognition technology have not yet evolved to ironclad status.

And though the work-from-home trend is not as strong as it was at the start of the year, the unpredictability of the COVID-19 virus continues to cause skepticism about re-implementing a full-time, on-site work strategy. That means remote workers continue to be at risk for identity-related breaches, and maintaining control of computer-related assets, including software, unauthorized devices and loss of security is still a major priority for corporate IT.

Asset management remains a significant challenge, particularly for the mid-sized business market that lacks the deep pockets to afford the security measures that large corporations have in place. Therefore, IT professionals must utilize the remainder of the year to adopt new ways to improve the identification, tracking and management of employees, applications and devices that access resources.

#2: Widespread Zero Trust Adoption

Most of Rafal Los’s respondents shared the sentiment early in 2021 that while the adoption of Zero Trust principles was imperative for the advancement of cybersecurity, they weren’t confident about it being widely adopted in the immediate future. As it turns out, we’re happy to report that this prediction may have been short sighted.

It’s possible that they underestimated COVID-19’s ability to accelerate the adoption of a Zero Trust model. It seems that the pandemic and resulting rise in cybersecurity attacks have fueled investments in new cybersecurity strategies as well as the buzz surrounding Zero Trust security.

According to CISO Mag, a recent report highlighted that more than three-quarters (78%) of companies around the world say that Zero Trust has increased in priority and nearly 90% are currently working on a Zero Trust initiative (up from just 41% a year ago).

The security of every organization depends on a new way of thinking, and the Zero Trust model of “never trusting, always verifying” is profoundly beneficial in an environment where remote working continues to be a trend. Lightstream’s Managed Security Services platform incorporates automation, Zero Trust concepts, best practices and industry-specific compliance to help IT leaders manage costs effectively, reduce complexity and improve the efficiency and efficacy of data center, network and cloud security.

#3: Fully Patched Environments/Systems

At the outset of 2021, Rafal Los’s social media followers were spot-on in their prediction that fully patched environments and systems would be highly unlikely this year. A perfect example of this is Microsoft’s so-called Printnightmare vulnerability that continues to be an issue as of the date of this blog post. Microsoft released a patch for this Print Spooling vulnerability in June of 2021. However, as we explained in January, much like how water usually finds a way to break through that patch in your garden hose, attackers are experts in finding ways to circumvent applied patches when the underlying cause is not fully remediated.

This patch, like so many others released by software providers, can be bypassed in certain scenarios, effectively defeating the security protections and permitting attackers to run arbitrary code on infected systems.

The process of identifying, categorizing, prioritizing, and resolving vulnerabilities in operating systems, enterprise applications (whether in the cloud or on-premises), browsers and end-user applications is an ongoing process that requires considerable time and resources. Therefore, we stand by our advice for enterprise IT to consider outsourcing this initiative to a trusted provider.

#4: Elimination of Phishing

We were far from shocked when many of Raf’s social media followers were emphatic that phishing scams would continue to haunt corporate IT in 2021. In fact, Digital Information World reported that a recent study found that phishing site volume in Q1 of 2021 outpaced Q1 of 2020 by 47 percent. They further reported that phishing is an ever-growing problem particularly for e-commerce and cryptocurrency platforms, but that social media and other sites and platforms that offer financial services also continue to experience phishing at a high rate.

According to the Federal Trade Commission (FTC), scammers were increasingly causing a threat to online retail shoppers, the rental car market, job searchers, and those seeking mortgage relief. They also warned against government imposter scams. The FTC recently issued the following alert:

COVID opened the door for scammers to double down on their worst practices, while preying on consumers during an unprecedented pandemic.

Moreover, Harvard Business Review recently reported that 2021 has seen a dramatic increase in business-related phishing scams, with high-profile ransom attacks against critical infrastructure, private companies, and municipalities grabbing headlines on a daily basis. Lightstream recommends that IT professionals take a multi-faceted security approach to lessen the number of phishing attacks and reduce the impact when attacks do occur.

#5: Unification of C-Suite & Security Professionals

Some of Raf’s respondents forecasted that there would continue to be a dangerous rift between security professionals and the executives/boards they support. A June 2021 Security Magazine article stated that because the majority of security leaders are three steps away from the CEO, only 37% of security professionals believe their organization values and effectively leverages the expertise of the cybersecurity leader. Furthermore, cybersecurity leaders shared they have assumed more accountability and risk, but struggle to achieve the desired security posture, because they are not seen as influential or valued members of their peer group. If you ask us, the next six months represent a major opportunity for companies to develop strategies to ensure accountability “goes both ways.”

#6: Effective Use of Machine Learning

Despite the skepticism expressed by Rafal Los and his social media respondents earlier this year, it seems that enterprise budgets for Artificial Intelligence (AI) and Machine Learning (ML) have been on the rise in 2021. Inside Big Data reported in July that The AI industry is growing and we’re seeing a shift in priorities to more organizations viewing deployment of practical AI as a core strategy and moving away from mere experimentation. Several media outlets are reporting an uptick in the use of machine learning in healthcare and finance, with AI and ML being used to improve consumer experience and engagement, automate business practices, predict cardiovascular disease and mortality, and translate brain signals from paralyzed patients.

Contact Lightstream to find out how we can help you unify strategies to build secure, generational capabilities that can help your organization accomplish its goals in 2021 and beyond.

Overcoming Security Challenges at Mid-Market Organizations

When it comes to cybersecurity, mid-market organizations are uniquely challenged. They encounter many of the same issues that large enterprises do, but in most cases are forced to try to remedy them without the substantial budgets and IT departments that major corporations have.

According to first quarter 2021 Middle Market Business Index data from advisory firm RSM, 28% of middle market executives reported a data breach at their company in the last year, the highest level since RSM began tracking data in 2015 and a significant increase from 18% in 2019. Larger middle market organizations were most at risk, with 42% of executives at those companies reporting a breach, compared to 16% at smaller counterparts.

As attacks and adversaries ramp up, mid-market businesses find themselves in a battle to sustain their growth and security budget. Facing a shortage of security talent without the deep pockets to pay the high salaries demanded by top-level security professionals, these positions often go unfilled and the responsibilities associated with them are assigned to other staff members who are already overworked and wearing too many hats. In other cases, these positions get filled by less-qualified candidates. Either way, the organization is at risk of increased vulnerability to security breaches.

Another challenge is the siloed nature of security tools. The effectiveness of an organization’s security program on the operational side is often inversely proportionate to how many times IT professionals have to switch screens to figure out what’s going on. If you do not have a highly scalable and optimized security infrastructure backed by a qualified team to analyze threats in near real-time and respond, it puts you at significant risk and disadvantage – no matter how much technology you buy.

The pandemic and resulting economic downturn of 2020 exacerbated these issues. When countless companies throughout the world were forced to shut down, mid-market organizations with outdated infrastructure were unable to scale down in response. They overpaid for technology, licenses and features they no longer needed at a time when they couldn’t afford to waste valuable budget dollars. Moreover, with the majority of staff forced to work from home, users were accessing the network and data from everywhere, making the challenges of protecting assets even greater and requiring an increasing number of resources.

Outsourcing and the evolution of security service providers

What is a security threatened, budget constrained, short-staffed mid-market company to do? Many organizations are led to the decision to fully or partially outsource the day-to-day operations of their security program. For the past 20 years, this meant hiring a Managed Security Service Provider (MSSP). While doing so took some of the security management responsibilities off of the in-house IT team, it was not without its flaws. In order to remain profitable, most MSSPs rigidly deliver “cookie cutter” solutions. They are paid to monitor a dashboard and if there are any concerns, they simply alert the company to the issue. It is a best-effort model wherein the customer still remains very much engaged – thus delivering little real value.

Today, the MSSP is slowly being replaced by Security as a Service (SECaaS). With this new and improved “all-inclusive” delivery model, the service provider integrates their security services into the corporate infrastructure on a subscription basis. In most cases this is more cost effective than it would be for the midsized organization to manage its own security, particularly when total cost of ownership is considered. With SECaaS, the organization no longer has to worry about purchasing and managing infrastructure, tools and licenses. Instead, it is protected by a provider that partners directly to provide everything needed – tools, expertise, staffing – to deliver a next generation security services in a pay-as-you-go model.

This new model delivers immediate value by completely lifting the day-to-day security management off the IT department. And when the business needs to scale up or down quickly in response to seasonal or other shifts in demand, they can simply add to or remove services and scale up or down as business requires while delivering desired security outcomes.

In today’s world where the unpredictability of life comes at you fast, organizations must have the mindset that “IT comes at you faster.” IT must have the ability to immediately respond, support and thrive under whatever circumstances the organization is experiencing. It is imperative that organizations adopt a zero trust model, which trusts no one and requires continuous verification and multi-factor authentication for anyone trying to access the network. Mid-market companies that partner with the right SECaaS provider can gain peace of mind by relying on their vendor to update settings based on current threats.

For advice on how your midsized business can overcome its security challenges and adopt a zero trust model, contact the experts at Lightstream. As a networking and cloud company that integrates security into everything we build, we specialize in 24x7x365 network monitoring, detecting, protecting, analyzing and remediating security issues. We’ll help you manage costs effectively, reduce complexity and improve the efficiency and efficacy of your data center, network and cloud security.

The Annual Performance Review for your Cloud Environment

Where is your organization in its cloud journey? Perhaps you facilitated its migration to a cloud architecture several years ago and so far, it seems as though everything is operating like a well-oiled machine. Or maybe you’ve only recently begun moving applications to the cloud and are still discovering the features and benefits offered by the major cloud service providers (CSPs). Or like many enterprises, you may now be moving past cloud migration and on to strategy.

Regardless, our experience with a diverse mix of cloud users from across all industries and at varying levels of cloud adoption has taught us something all users have in common:

There is always room for improvement.

That’s right. No matter how smoothly you think your environment is running or how much you’ve managed to improve processes and increase your organization’s efficiency, you have the opportunity to do it even better. Here’s how.

Establish a Well-Architected Framework from the start

For those in the planning phase of cloud migration, you will want to partner with a provider that uses a set of standard best practices to plan and implement your cloud environment. Amazon Web Services (AWS) and Microsoft Azure have both labeled these best practices The Well-Architected Framework, which consists of five pillars of architecture excellence:

  1. Cost Optimization
  2. Operational Excellence
  3. Performance Efficiency
  4. Reliability
  5. Security

When architecting technology solutions on AWS and Azure, incorporating these pillars into your architecture helps produce the most secure, high-performing, resilient and efficient infrastructure for your applications. This not only allows you to focus on the other aspects of design, such as functional requirements, but it also helps ensure that you’re building a system that will meet up to your expectations and requirements.

Maintain the most stable and efficient systems

Your cloud environment is ever-changing. Between new instances, changing security groups, and updated service offerings, it can sometimes feel impossible to stay abreast of the latest and greatest. That’s why whether you’re a cloud newbie or a veteran, your business will benefit from conducting a Well-Architected Review every 12 months. The Well-Architected Review is a systematic approach to evaluating AWS and Azure architectures in order to identify and fix potential issues with the environment and guarantee that it is optimized for financial and operational efficiencies.

It can be difficult for time-crunched and overburdened IT departments to successfully perform these reviews. Outsourcing some of the more time-consuming and complex tasks of cloud management has become an attractive option for many organizations. Lightstream Cloud Managed Services offers its customers the annual performance of Well-Architected Reviews as a proactive way to shed light on any security, operational and performance issues, as well as to make sure that the organization is maximizing every opportunity for savings and automation.

Lightstream’s four areas of key management for cloud platforms are security, finance, technology and operational expertise. These key areas just happen to align perfectly with the pillars of architecture excellence that AWS and Azure abide by, which to reiterate are security, cost optimization, operational excellence, performance efficiency and reliability. The fact that Lightstream’s core values are so in sync with those of the major CSPs has become a major benefit to our customers.

Gain a competitive advantage

Ensuring that your infrastructure is optimized and up to date can give your business a competitive advantage in the marketplace. In general, Lightstream Cloud Managed Services customers are better positioned to achieve five business outcomes after undergoing a Well-Architected Review:

  • Reduce costs
  • Increase revenue
  • Ensure compliance
  • Go to market faster
  • Increase the quality of products or services

Harnessing the speed and agility offered by the cloud is the first step. But with those advantages come risks such as misconfiguration, security threats and financial and operational inefficiencies. If you’re not proactive about avoiding these risks, you open your organization up to multiple vulnerabilities that cybercriminals and competitors are waiting to capitalize on.  Therefore, the question is not “can I afford to maintain a Well-Architected Framework?” but, “can I afford not to?”

To learn about how Lightstream Cloud Managed Services can help your enterprise identify and remediate security vulnerabilities, improve compliance, technically right-size applications and reduce your cloud spend, contact us today or visit http://lightstream.tech.

The Role of Hybrid Connectivity and AWS Direct Connect in a Post-Pandemic World

It’s no secret that the role of technology in our lives – and our livelihoods – grew exponentially since the pandemic began in early 2020. The internet became our lifeline for entertainment, remote working, education, shopping for everything from groceries to PPE, and for staying in touch with friends and family. The businesses that survived did so not by luck, but by racing to transform their operations and digitize their services. Restaurants all over the world were forced to close their doors, but many were able to continue to serve their customers by putting their menus and ordering services online and providing contactless payment and delivery. Grocery stores had to establish virtual shopping carts to give home-bound people access to much-needed food and supplies. Schools and enterprises with once bustling offices and classrooms had to make a dramatic shift almost overnight in order to facilitate entirely remote workforces and student bodies.

All of this was made possible by the cloud. Cloud service providers (CSPs) like Amazon Web Services (AWS) and Microsoft Azure saw unprecedented demand, with cloud spending increasing to $39 billion. Caught off guard, IT professionals everywhere scrambled to ramp up network connectivity so that it could support this new normal. They had to not only facilitate business processes in the cloud, but they had to do so via fast, reliable and secure connections. Staff members needed uninterrupted access to mission-critical apps no matter where they were located. Employees and students alike needed full virtual access to their desktops, and the data needed to be secured to ensure compliance with regulations. Restaurants and retailers had to protect valuable customer credit card accounts. Smooth customer experiences were integral to business survival. And organizations couldn’t afford exposure to attacks during an already tumultuous time.

An uncomplicated, efficient solution

For many of these organizations, the answer came in the form of hybrid connectivity, or dedicated network connections from premises to cloud. AWS Direct Connect for example, enables private connections between AWS and customer data centers, offices or colocation environments, which increases bandwidth throughput and provides a safer, more consistent network experience than internet-based connections. Businesses with strict regulatory requirements that demanded the use of private connectivity were able to build hybrid environments with services such as AWS Direct Connect that allowed them to continue utilizing their existing infrastructures.

Elasticity is another benefit of AWS Direct Connect, as it provides 1 Gbps and 10 Gbps connections, and you can easily provision multiple connections if you need more capacity. Many organizations were even able to reduce their bandwidth costs by transferring their data to and from AWS directly instead of via their ISP — a major perk during a time of economic crisis.

Preparing for the future

As we begin to emerge from the pandemic, many enterprises are bringing their employees back to the office. However, a recent study  from the Becker Friedman Institute in Chicago predicts that 20% of workdays will continue to be work-from-home (WFH) after the pandemic ends, compared with just 5% before. According to the study, this shift can be credited with better-than-expected WFH experiences, new investments in physical and human capital that enable WFH, greatly diminished stigma associated with WFH, lingering concerns about crowds and contagion risks, and a pandemic-driven surge in technological innovations that support WFH.

More than a year since the pandemic started, consumer habits have also permanently changed. Judging by how online grocery sales are estimated to increase from today’s $106 billion to over $250 billion by 2025, according to market research firm Mercatus, it’s clear that many people prefer to do their grocery shopping online and will continue to do so. As life returns to normal, ecommerce offers busy consumers a more convenient way to shop for whatever they need – from groceries and personal care items to clothing, furniture, home décor and even automobiles. Studies have also shown that higher education students have a strong preference for hybrid learning, as it combines the social experience that they crave with the flexibility of remote study.

If these predictions are any indication, cloud spending will also continue to increase in the coming years. Gartner projects that by 2024, cloud will make up to 14.2% of total global enterprise IT spending, while at the end of 2020, cloud made up just 9.1% of global enterprise IT spend. Cloud interconnection is the way organizations can build a hybrid cloud that facilitates low latency, highly secure and available data transfer between their on-premises data centers and the cloud. Hybrid connectivity services such as Direct Connect from AWS is a cost-effective way for businesses across all industries to provide employees, students and customers with fast, reliable and secure access to their desktops and shopping carts.

One major takeaway from the events of the past year is that organizations must be prepared for the unthinkable. Hybrid connectivity models such as AWS Direct Connect can do just that by future-proofing businesses and giving them the flexibility they need to survive when disaster strikes. Business continuity must be a priority not just for large enterprises, but for every business across every sector.  Moreover, since many of the consumer habits adopted during the pandemic are likely to remain with us permanently, you can gain an edge over competitors by using this opportunity to augment or even remake the online components of your business.

Lightstream can help

Lightstream first began as a WAN service provider way back in 2004. Our expertise is deeply rooted in networking and interconnectivity – and more recently with AWS Direct Connect and global network connectivity – which makes us uniquely qualified to deploy complex dedicated interconnections. Lightstream is proud of its status as an AWS Advanced Consulting Partner and is well versed in meeting compliance requirements and determining your cyber exposure for AWS. We’ll help you get AWS Direct Connect up and running quickly from a network of global service providers reaching 198 countries. Contact us today to find out how we can take the complexity out of your on-premise and cloud convergence, including network integration, cloud migration, security and system monitoring, all supported through 24/7 managed services.

AWS FinOps – Saving Money or Making Money?

How to regain financial and operational control and ensure a fully optimized AWS cloud environment (including insights on AWS gp3)

We’re working in an era where business moves at lightening speeds. Technology has drastically increased our ability to innovate, our speed to market, and the ease with which we can scale up or down in response to ever-changing needs. But with this enhanced agility and on-demand performance comes big tradeoffs in the form of financial accountability and corporate governance. Gone are the days when a staff member would fill out a purchase order, submit it to accounting for approval, and wait days (or even weeks) for the greenlight to make the purchase. Our on-demand expectations have phased out the spending analysis step from the procurement model.

In few places is this truer than cloud environments. All too often, inefficiencies are not uncovered until after the damage has been done and we’ve wasted significant portions of our -cloud budget on needless overspending. And let’s be clear:  wasting money means you’re not making money. This is why there is so much buzz surrounding FinOps these days. Short for financial optimization, FinOps is the practice of bringing financial accountability to the variable spend model of cloud, enabling distributed teams to make business trade-offs between speed, cost and quality. There are a variety of ways to optimize cloud spending, such as contracting and other savings programs, reserved instances and infrastructure add-ons that can boost efficiencies.

Optimizing AWS Cloud Performance

AWS is one cloud provider that consistently launches new technologies to increase the cost effectiveness of its cloud environments. The R&D teams at AWS are always looking for new ways to make their tools more functional and less costly. One of the most recent products is gp3, a new type of solid-state drive (SSD) Amazon Elastic Block Store (EBS) volume that lets you provision performance independent of storage capacity and offers a 20% lower price than existing gp2 volume types. The new gp3 volume type is designed for use with Amazon EC2 instances, an elastic compute cloud where virtual servers are procured as either dedicated servers or as part of a physical server. With gp3 volumes, customers can scale IOPS (input/output operations per second) and throughput without having to provision additional block storage capacity. This means customers only pay for the storage they need.

We find that most users are spending two-thirds of their budget on their EC2 product, and within that, about 40% of the spend is EBS related. The first step in optimizing this spend is to gain visibility across your entire environment and identify areas of high or rapid growth, then use best practices to optimize and contain your costs. Some ways to do this are by deleting or converting unattached disk storage, deleting old snapshots and terminating unused assets. Once you have done this initial analysis and clean-up, you can start taking advantage of savings programs. Based on your historical cost and usage data, AWS can recommend savings plan types, terms and payment options.

While it’s true that AWS and other cloud providers offer many ways for customers to save, it’s not always easy and can be quite time consuming to achieve results. Organizations often find that they don’t have the manpower to stay on top of cloud-cost management.

To help reduce the complexity of financial optimization, Lightstream offers a proprietary tool called Lightstream Connect that provides a holistic view of your technology spend and network through a single pane of glass. Lightstream Connect is not a new offering, however it was recently enhanced in early 2021 in response to AWS’s gp3 release. The first to market this type of functionality, Lightstream’s automated tool analyzes usage patterns and drives to gather statistics and generate a concise report of recommendations for infrastructure modifications that can increase savings.

Realizing Your Potential Savings

Most organizational leaders aren’t aware of just how much they can save by -optimizing their cloud environments. In fact, it’s not uncommon for businesses to cut as much as 20% of their monthly spend without jeopardizing security or performance. Financial and IT professionals who either aren’t sure how to go about taking advantage of these savings or don’t have time to devote to it should find a partner like Lightstream that is an AWS Advanced Consulting and Microsoft Gold Partner and invests in the tools and talent necessary to secure and optimize cloud environments. Lightstream helps customers re-incorporate financial, technology, operational and security accountability -back into cloud spending either by making it easier for them to monitor and assess their own environments, or by removing the burden entirely and doing it for them.

Lightstream has helped many customers to achieve -cloud optimization. With ongoing management of their cloud environments, on finance alone we save our customers millions of dollars every year. One customer was spending $1.2 million per month in AWS. Their IT team didn’t have the time, resources or visibility they needed to understand exactly where that money was being spent. Upon assessing their environments, Lightstream discovered that they lacked tags and partitions. So, we assisted them in a tagging strategy and determined that they were actually losing money on one of their products. Our Cloud Managed Services (CMS) team optimized the product to -improve its performance and make it profitable, ultimately saving the corporation over $1.5 million annually.

Lightstream offers a free assessment to identify which EBS workloads you should migrate to gp3 volumes and calculate your potential savings using our proprietary EBS optimization analytics application. To speak with a representative about having your environment assessed at no cost to you, contact us today.