Sorting

Deployments found: 3

Corte dei conti logo
XPeppers logo
"We have no concerns about security or compliance. It's not easy to replicate the same security levels that we have on premises, but working in AWS, we're confident that we're following best practices for data protection, network access, and other security measures", Leandro Gelasi, IT Officer
The Challenge Despite its long-established roots,Corte dei conti (Cdc)isn’t an institution that has remained entrenched in the past. It understands that modernization is key to keeping relevant in a fast-moving world, and as a result it has embraced change in its processes and structure. IT has been central to this. Leandro Gelasi, IT officer at Corte dei conti, says,“We have a deep commitment to continuous improvement, and to support this goal we need an agile and elastic IT infrastructure.” Gelasi and his team wanted to move away from time-consuming management of physical IT. “We wanted to focus on providing an excellent service, rather than on handling hardware,” he says. A larger initiative to boost employee productivity went hand in hand with this efficiency drive, as Gelasi continues, “We wanted to change the way our 3,000-plus employees worked, enabling them to access applications from anywhere, on any device. But we had to ensure that this flexibility for staff didn’t jeopardize the safety of data.” Given its high-profile role in keeping public finances in check—and with the Italian government requiring agencies to cut IT expenditure in line with wider budget cuts—Cdc also had to focus on reducing its own costs. With a largely Citrix-based infrastructure, Corte dei conti had invested a lot in training its staff in this technology. It wanted to make the most of this investment, while at the same time making its architecture more agile.

Why Amazon Web Services
The answer was a hybrid cloud environment, and Cdc chose Amazon Web Services (AWS) and AWS Advanced Consulting Partner XPeppers to help it in this journey, starting with adopting a virtual desktop infrastructure (VDI) based on Amazon WorkSpaces. Gelasi says, “We looked at AWS and realized it was the perfect platform for our migration to the cloud. We had worked with XPeppers before, so it was our first choice to help us move to AWS and ensure seamless integration with our Citrix environment.” The infrastructure runs on 25 Amazon Elastic Compute Cloud (Amazon EC2) instances, which run only during office hours, between 8:00 am and 8:00 pm. Cdc uses AWS Lambda to orchestrate the startup and shutdown for each instance. Each department has a dedicated Amazon Virtual Private Cloud (Amazon VPC) and a virtual private network connection between the VPCs and Cdc’s data centers. Paolo Latella, solutions architect at XPeppers, says, “Because it deals with sensitive data, Corte dei conti needs a secure architecture. We worked with Cdc to explain best practices in the cloud, ensuring that it maintains the highest security levels.” For example, AWS Identity and Access Management (IAM) helps the court control access to resources, and Amazon CloudWatch allows the team to keep applications running smoothly. Plus, through the AWS Marketplace, Cdc can choose the software and services it needs to implement a security model that replicates its on-premises structure.

The Benefits
First and foremost, Gelasi and his team feel safe working in the cloud. “We have no concerns about security or compliance,” he says. “It’s not easy to replicate the same security levels that we have on premises, but working in AWS, we’re confident that we’re following best practices for data protection, network access, and other security measures.”
He continues, “The service that our users are getting is vastly improved. We have very little feedback, which is great for us. No news is good news in IT.” In addition, internal users have more flexibility and can access applications on their laptops, tablets, and smartphones from anywhere. “We have made it possible for court employees such as magistrates to work effectively from home. Previously, they could only access applications from the office, but now they can do this wherever they are. As a result, they’re much more productive. Decisions get made faster and the whole system works better. It’s a brilliant result for our entire organization,” says Gelasi.
Managing processes is also easier, so the Cdc IT team can focus on developing services for both internal and external clients. One of the IT team’s goals in the organization’s larger drive to boost efficiency is to provide services to government agencies across Italy. Gelasi says, “With our AWS infrastructure, it’s easier for us to offer IT to other institutions, which helps them cut costs in line with government initiatives.” “We’re saving money in the cloud too,” he continues. “By moving to AWS, we avoided €40,000 in hardware costs.” Operating expenses are more difficult to determine, but Gelasi is convinced that with the VDI project, Cdc is cutting energy consumption and saving money on air conditioning and electricity. “One of the drivers of the project was to get better visibility of costs and be more accountable,” he says. “As we move more of our infrastructure to the AWS cloud, we’ll be able to do this too.” Having successfully deployed VDI to 250 users across Cdc, the team is now rolling it out across all of the organization’s regions, eventually giving its 3,000 employees the tools to be more productive. The court is also working with XPeppers to build its disaster recovery on AWS and move more workloads to the cloud for improved agility. “The biggest benefit of working in the AWS cloud? I can’t pinpoint just one,” says Gelasi. “It’s the whole package. We’ve got more flexibility, we can scale seamlessly, and we have more time to provide a great service to our customers.”
... Learn more
The Louisiana Department of Public Safety and Corrections logo
Amazon Web Services logo
"This learning solution, based on Amazon WorkSpaces and ATLO Software, is a game-changer for the department of corrections. Our inmates now have easy, secure access to educational and vocational training that can help them transition into careers upon release", Dawson Andrews, IT Director
The Challenge Historically, inmates at correctional facilities were not allowed access to computers with Internet access for fear that access would allow them to harass victims or plan crimes. Technical complexities and a lack of local resources made it nearly impossible to provide online learning in prisons.
The Louisiana Department of Public Safety and Corrections wanted to improve inmate education, and post-prison outcomes, by implementing a new IT environment to support a better and more reliable online learning solution. It also needed to ensure system security so inmates had no access to the Internet.
It sought to replace the on-premises system that hosted the learning solution due to frequent technical problems that often led to downtime. The agency also wanted to eliminate the need for its small IT team to manage the solution or spend time keeping outdated technology up and running.
It sought an easier way to update training content and cost-effectively expand the program to additional correctional facilities.
The Solution The Louisiana Department of Public Safety and Corrections worked with ATLO Software, a provider of secure educational solutions for correctional facility students, to deploy educational training labs at four Louisiana correctional facilities.
Each lab consists of 10 workstations running Amazon WorkSpaces, a managed, secure desktop computing service that runs in the Amazon Web Services (AWS) cloud. The lab configuration uses a multilayered security approach, combining Amazon WorkSpaces with a secure network within an Amazon Virtual Private Cloud (Amazon VPC).
Using Amazon WorkSpaces along with ATLO educational software, the department can quickly get a new training lab up and running, making it cost-effective and simple to expand the program to additional facilities. Inmates use Amazon WorkSpaces to access a personal ATLO account, which tracks their coursework and test results. The solution is locked down so inmates can only access their ATLO account and not the public Internet.
The Benefits Enables better inmate outcomes. Using the onsite labs, inmates can pursue college credits or degrees, receive vocational training, and learn about career opportunities available to them once they are released from prison. “Rehabilitation through education is now a reality thanks to ATLO and Amazon WorkSpaces,” says Dawson Andrews, IT director of Louisiana Department of Corrections. “There is less chance of these inmates recycling back into the system. This is not only a benefit to the inmates themselves, it is a benefit to their community and future generations.” The solution has also made it possible for the department to partner with local companies to create job opportunities Better security. With the integration of Amazon WorkSpaces, ATLO software, and Amazon VPC, the department of corrections can confidently offer a secure learning program and prevent inmate access to locations outside the learning environment. The AWS security model makes it possible for the department to offer a connected solution—essential for delivering updated, relevant courseware and tracking progress. Ensures high availability. By enabling a more reliable environment for the web-based learning system, the department can help inmates concentrate on their education instead of worrying why software and systems aren’t working. Speeds deployment. The department’s IT team can get new connected training labs up and running in as little as 90 minutes. This results in three major benefits: It’s easy to roll out training labs in new facilities, to keep content up to date, and to add new content at any time. Reduces the need for IT staff. The department’s IT staff no longer needs to spend time managing servers and manually deploying software updates. Now, software updates can be pushed to any lab or workstation by restarting the zero clients.
... Learn more
Coinbase logo
Amazon Web Services logo
 The Challenge Since its founding in 2012, Coinbase has quickly become the leader in bitcoin transactions. As it prepared to respond to ever-increasing customer demand for bitcoin transactions, the company knew it needed to invest in the right underlying technology. “We’re now in the phase of legitimizing this currency and bringing it to the masses,” says Rob Witoff , director at Coinbase . “As part of that, our core tenets are security, scalability, and availability.” Security is the most important of those tenets, according to Witoff . “We control hundreds of millions of dollars of bitcoin for our customers, placing us among the largest reserves in our industry,” says Witoff . “Just as a traditional bank would heavily guard its customers’ assets inside a physical bank vault, we take the same or greater precautions with our servers.” Scalability is also critical because Coinbase needs to be able to elastically scale its services globally without consuming precious engineering resources. “As a startup, we’re meticulous about where we invest our time,” says Witoff . “We want to focus on how our customers interact with our product and the services we’re offering. We don’t want to reinvent solutions to already-solved foundational infrastructure.” Coinbase also strives to give its developers more time to focus on innovation. “We have creative, envelope-pushing engineers who are driving our startup with innovative new services that balance a delightful experience with uncompromising security,” says Witoff . “That’s why we need to have our exchange on something we know will work.” Additionally, Coinbase sought a better data analytics solution. “We generate massive amounts of data from the top to the bottom of our infrastructure that would traditionally be stored in a remote and dated warehouse. But we’ve increasingly focused on adopting new technologies without losing a reliable, trusted core,” says Witoff . “At the same time, we wanted the best possible real-time insight into how our services are running.” To support its goals, Coinbase decided to deploy its new bitcoin exchange in the cloud. “When I joined Coinbase in 2014, the company was bootstrapped by quite a few third-party hosting providers,” says Witoff . “But because we’re managing actual value and real assets on our machines, we needed to have complete control over our environment.”

Why Amazon Web Services Coinbase evaluated different cloud technology vendors in late 2014, but it was most confident in Amazon Web Services (AWS). In his previous role at NASA’s Jet Propulsion Laboratory, Witoff gained experience running secure and sensitive workloads on AWS. Based on this, Witoff says he “came to trust a properly designed AWS cloud.” The company began designing the new Coinbase Exchange by using AWS Identity and Access Management (IAM), which securely controls access to AWS services. “Cloud computing provides an API for everything, including accidentally destroying the company,” says Witoff . “We think security and identity and access management done correctly can empower our engineers to focus on products within clear and trusted walls, and that’s why we implemented an auditable self-service security foundation with AWS IAM.” The exchange runs inside the Coinbase production environment on AWS, powered by a custom-built transactional data engine alongside Amazon Relational Database Service (Amazon RDS) instances and PostgreSQL databases. Amazon Elastic Compute Cloud (Amazon EC2) instances also power the exchange. The organization provides reliable delivery of its wallet and exchange to global customers by distributing its applications natively across multiple AWS Availability Zones. Coinbase created a streaming data insight pipeline in AWS, with real-time exchange analytics processed by an Amazon Kinesis managed big-data processing service. “All of our operations analytics are piped into Kinesis in real time and then sent to our analytics engine so engineers can search, query, and find trends from the data,” Witoff says. “We also take that data from Kinesis into a separate disaster recovery environment.” Coinbase also integrates the insight pipeline with AWS CloudTrail log files, which are sent to Amazon Simple Storage Service (Amazon S3) buckets, then to the AWS Lambda compute service, and on to Kinesis containers based on Docker images. This gives Coinbase complete, transparent, and indexed audit logs across its entire IT environment. Every day, 1 TB of data—about 1 billion events—flows through that path. “Whenever our security groups or network access controls are modified, we see alerts in real time, so we get full insight into everything happening across the exchange,” says Witoff . For additional big-data insight, Coinbase uses Amazon Elastic MapReduce (Amazon EMR), a web service that uses the Hadoop open-source framework to process data, and Amazon Redshift, a managed petabyte-scale data warehouse. “We use Amazon EMR to crunch our growing databases into structured, actionable Redshift data that tells us how our company is performing and where to steer our ship next,” says Witoff . All of the company’s networks are designed, built, and maintained through AWS CloudFormation templates. “This gives us the luxury of version-controlling our network, and it allows for seamless, exact network duplication for on-demand development and staging environments,” says Witoff . Coinbase also uses Amazon Virtual Private Cloud (Amazon VPC) endpoints to optimize throughput to Amazon S3, and Amazon WorkSpaces to provision cloud-based desktops for global workers. “As we scale our services around the world, we also scale our team. We rely on Amazon WorkSpaces for on-demand access by our contractors to appropriate slices of our network,” Witoff says. Coinbase launched the U.S. Coinbase Exchange on AWS in February 2015, and recently expanded to serve European users.

The Benefits Coinbase is able to securely store its customers’ funds using AWS. “I consider Amazon’s cloud to be our own private cloud, and when we deploy something there, I trust that my staff and administrators are the only people who have access to those assets,” says Witoff . “Also, securely storing bitcoin remains a major focus area for us that has helped us gain the trust of consumers across the world. Rather than spending our resources replicating and securing a new data center with solved challenges, AWS has allowed us to hone in on one of our core competencies: securely storing private keys.” Coinbase has also relied on AWS to quickly grow its customer base. “In three years, our bitcoin wallet base has grown from zero to more than 3 million. We’ve been able to drive that growth by providing a fast, global wallet service, which would not be possible without AWS,” says Witoff . Additionally, the company has better visibility into its business with its insight pipeline. “Using Kinesis for our insight pipeline, we can provide analytical insights to our engineering team without forcing them to jump through complex hoops to traverse our information,” says Witoff . “They can use the pipeline to easily view all the metadata about how the Coinbase Exchange is performing.” And because Kinesis provides a one-to-many analytics delivery method, Coinbase can collect metrics in its primary database as well as through new, experimental data stores. “As a result, we can keep up to speed with the latest, greatest, most exciting tools in the data science and data analytics space without having to take undue risk on unproven technologies,” says Witoff . As a startup company that built its bitcoin exchange in the cloud from day one, Coinbase has more agility than it would have had if it created the exchange internally. “By starting with the cloud at our core, we’ve been able to move fast where others dread,” says Witoff . “Evolving our network topology, scaling across the globe, and deploying new services are never more than a few actions away. This empowers us to spend more time thinking about what we want to do instead of what we’re able to do.” That agility is helping Coinbase meet the demands of fast business growth. “Our exchange is in hyper-growth mode, and we’re in the process of scaling it all across the world,” says Witoff . “For each new country we bring on board, we are able to scale geographically and at the touch of a button launch more machines to support more users.” By using AWS, Coinbase can concentrate even more on innovation. “We trust AWS to manage the lowest layers of our stack, which helps me sleep at night,” says Witoff . “And as we go higher up into that stack—for example, with our insight pipeline—we are able to reach new heights as a business, so we can focus on innovating for the future of finance.”
... Learn more