AWS Cloud with Modis

Security, compliance, fault tolerance, automation and cost effectiveness

Modis Australia is an Advanced Tier consulting partner with Amazon Web Services (AWS), bringing our history of customer domain knowledge to bear with the world’s largest global public cloud service provider.

Our attention to security, compliance, fault tolerance, automation and cost effectiveness means you can trust Modis as your experts in implementing your AWS Cloud workloads.

What we've been doing with AWS

  • Application Migration to the Cloud
  • Application Modernisation with the Cloud
  • Cloud Connectivity
  • Cloud Security
  • Cloud Storage
  • Managed Services
  • Public Sector Workloads

Central to this is an orchestrated and secure approach to enterprise AWS Cloud adoption. We work closely with your team to help them with the journey to cloud, leveraging auditing, logging, and visibility of operations.

Our AWS clients

Modis Australia - AWS Clients

Connectivity

Connecting your Virtual Private Cloud Environment(s) to your existing corporate network topology takes capability and understanding.

Corporations often have multiple points of presence, and a combination of technologies that connect these together.

When it comes to your critical workloads in-cloud, we don't think a single path of interconnect is enough. A Virtual Private Network (VPN) connection to your VPC may be a dual tunnel affair on the AWS side, but it’s a single router on your client premises side — and that's a single point of failure (SPOF). We're experienced in using a combination of AWS Direct Connect fibre, and multiple VPNs to mesh together multiple paths of interconnect to create fault tolerant connectivity to the AWS Cloud.

Even offline; we're experienced with using AWS Snowball to shift large volumes of data from on-premise, to on-cloud, via a courier or postal service. The Snowball service even encrypts your data at rest, which is... err... literally in transit).

Managed Services

Modis offers a managed services approach by two approaches: with our staff physically embedded within the customer environment, or centrally from the Modis Service Centre.

 

We can offer a full-service, on premise support and operations team for your environment. Our experience in application development and application support means Modis has the understanding and capability to monitor, maintain and fix business level issues with IT systems.

 

The Modis Service Centre is a centralised virtual helpdesk, staffed out of the Modis offices across Australia.

Our team remotely assists customers with all manner of operational support enquiries, and by way of secured remote access to customer environments, can mediate issues and work them to resolution, all under an ITIL process with Service-Now.

Migration

Modis has significant experience in migrating legacy Commercial-Off-The-Shelf (COTS) software for x86 architectures and deploying them in the AWS Cloud.

We design for fault tolerance, automated recoverability, and automated scaling up on demand — and down when not required.

We believe that fault tolerance is not just two application servers in two data centres, but a system of automatic and reliable re-provisioning of server instances — without human intervention — across multiple data centres (Availability Zones) within the target region, on-demand.

We adhere strictly to customer content jurisdiction requirements, and drive costs down at every opportunity. That's why we’re trusted by government and enterprise alike to help with legacy application migration.

Our approach to simple migration is to wrap it in just the right about of automation and templating to bring benefits, without having to modify the COTS package at all.

Modernisation

Modis has a long and rich history of enterprise application development.

We have expertise in HCI, Security, Web Technologies, Networking, Databases, Data Modelling, Analytics, IoT, Application Testing, and more.

Running mission-critical systems on in-house hardware or colo, you know you have hard limits to your storage and compute capacity, which requires long (and repeated) cycles to capacity plan for the future, and then for retirement. This capacity planning is mostly guess work: get it wrong, and you run out of runway and consume your infrastructure faster than you can commission it. Get it right, and you overprovision and have spare capacity you’re not using, but have paid for.

Our approach with modernisation ranges from simple service integration such as storage, to complete business process workflow automation. Find out more information about Application modernisation with Modis.

Public Sector

We've worked extensively with government agencies in migrating their core operations to the AWS Cloud.

Using the AWS Sydney Region, and multiple resilient paths of interconnect, we provide services that the state relies upon.

Modis, in partnership with the state government of Western Australia’s land jurisdiction, Landgate, created Advara, the world’s first and only Cloud based automated land registry. This platform secures billions of dollars’ worth of real property, and is set to become a major platform across the world.

We also work with Law enforcement, Justice, and other state and federal agencies in helping them run their environments — on premise and on-Cloud.

Security

Our team are experts in designing, reviewing and tuning security at different layers of the technology stack.

 

Security and transparency of operation is critical in all IT workloads, on cloud or off. With AWS, much of this is wrapped up in an API activity log service, AWS CloudTrail. Modis likes sending this log stream directly to separate, dedicated security logging accounts, were general administration staff can’t access logs. We’re also keen on using automated security log event identification and alerting in near real-time.

For secure interactive (AWS Web Console) access, we use physical Multi-Factor Authentication (MFA) tokens based upon Time-based One Time Passwords (TOTP) for all master (root) account credentials, with federation of identity back to your corporate directory (such as Active Directory by way of SAML federation) which may also implement an MFA policy.

Understanding these dependencies, and working to ensure that the customer's security posture is maximised without unduly inflicting delay and complication on staff is important; and we'll work with our customers and their existing IT security teams to help them understand any risks and benefits.

 

We’re fanatical about encryption, algorithms, ciphers, signatures, and validation. Modis’ cloud approach is to use only encrypted protocols for all data transfers, both in transit to/from the cloud, as well as intra-cloud. We love disabling old crypto protocols, using only the latest and strongest ciphers, ephemeral keys for forward secrecy protection, and strong chains of trust.

We also love helping our customers understand how this looks over time. With Modis, you can be as secure as your bank, if not more so.

 

Modis is keen to assist customers however they need, and here are some examples of what we've done previously:

Security Reviews: Development Practices

Inspect, review and recommend changes for developers and release managers around Continuous Integration and Continuous Delivery, Development, API usage, API design, credential handling. Authenticating using two-way x509 certificate verification, and more.

Security Reviews: Operations

Observe and inspect operational processes and procedures, recommending changes to improve security, logging, visibility, governance, and timeliness to mitigate potential future security considerations. Tuning and automating TLS Certificate issuance and renewal, TLS option configuration, etc.

Application Architecture

Design and architect security frameworks around applications, including using single sign on technologies such as LDAP, SAML and other techniques, AWS IAM Roles and Policies, public/private asymmetric keys and key management, AWS Key Management Service, and more.

Cloud Governance Services

We can also engage to put cloud governance teams into your organisations, providing best practice and assistance to your existing development and line-of-business service teams. This service continually appraises, researches and improves your security posture over time, which is often overlooked in a project completion and migration to support approach to IT projects.

 

Modis maintains a number of staff holding the coveted AWS Security Specially Certification. This challenging certification is critical recognition by Amazon Web Services of Modis’ technical staff in the capability they bring to bear for our customers in the security space. Our team also hold many other industry and 3rd-party vendor security-releated certifications, professional memberships and more. Our security staff are well versed with decades of experience in security.

Storage

Local storage is limited, costly, and requires maintenance.

Modis has significant experience with using Amazon S3 and Amazon Storage Gateway to provide file and object storage to the premises.

Let’s take a simple example of object (file) storage. Migrating to using Amazon S3 removes the need to manage file data lifecycles based upon SAN maximum capacity. It also removes the horror of SAN migrations every 3 – 5 years.

Native integration to S3 means you persist all data, and set retention (and tier) policies based upon age of data, or other methods we design with you; with the granularity of charges being to the byte, you benefit from costs being equal to utilisation — not an upper bound above utilisation.

For security: we can encrypt object data going to S3 before it leaves your application servers, with key management of your choice, or we can leverage cloud-based key management systems, including replicated tamper-resistant Hardware Security Modules (HSMs).

Removing the capacity constraints changes the conversation around application data lifecycle management.

Back