Written by Christian Bryndum, Director of Operations, Voicebase on July 09, 2018
VoiceBase Eliminates Constant VPN Switching, Transforms AWS User Access
VoiceBase turned to Cyxtera AppGate SDP to secure its AWS environment.
VoiceBase, a provider of speech analytics for the cloud and an Advanced Amazon Web Services (AWS) Partner, required a solution to secure its AWS environment. VoiceBase turned to Cyxtera AppGate SDP, the industry’s most comprehensive Software-Defined Perimeter solution, capable of securing any application, on any platform, in any location.
The VoiceBase Secure Access Challenge
At VoiceBase, we are always looking for ways to maximize the benefits of the technology solutions we are using to bring our industry leading speech analytics solutions to our customers. We are extensive users of Amazon EC2, Amazon S3, AWS Lambda, AWS RDS, Amazon EMR and AWS Cloudwatch. Additionally, we use AWS to deliver speech analytics for the cloud. As a PCI DSS certified company we take security very seriously and continuously improve it where we can.
As part of our development process, the VoiceBase engineering team have access to four unique development AWS accounts. Each engineer requires simultaneous access to up to three of these environments.
We were using a VPN solution to grant secure access to each of the four developer environments. Our operations team created multiple individual user accounts on each OpenVPN server. However, with OpenVPN, our engineers could only connect to one AWS Virtual Private Cloud (VPC) instance at a time. This required our engineers to connect and disconnect every time they needed to switch from one environment to another. As you can imagine, the engineers were frustrated with having to login to multiple accounts with multiple MFA tokens and the solution was counterproductive to our agile development methodology.
Furthermore, any time an engineer lost access or a device was lost or broken, the operations team had to go through a lengthy process to provision and enable account access. For example, if a cell phone was replaced or lost, it could take up to 45 minutes to restore the users access to all environments. If changes to policy were needed, significant time and effort from operations was required in order to apply those changes across all devices.
AWS Secure Access Solution: AppGate SDP
To overcome the challenges and improve security associated with the VPN solution we were using, VoiceBase turned to Cyxtera’s AppGate SDP for AWS.
AppGate SDP allowed VoiceBase to implement a highly-available secure access system to its five AWS environments. AppGate SDP protects AWS cloud resources with a role based and multi-factor authentication (MFA) model, providing user specific access to authorized resources.
AppGate SDP delivers a comprehensive Software-Defined Perimeter that dynamically creates one-to-one network connections between the user and the resources they are permitted to access. AppGate creates a segment of one for each of our users, based on the person, environment and enterprise. It evaluates the users in real time with dynamic, context-sensitive access policies.
Access automatically adapts to changing conditions in the cloud. Every new instance is automatically traced and added or removed from the access filter, allowing for an automation-driven network access process that can be managed by simple policies.
VoiceBase Secures Access to AWS with AppGate SDP
VoiceBase continues to benefit from its AWS usage. We use multiple AWS availability zones to ensure high availability, redundancy and failover to provide the uptime our customers expect. AWS offers our core business – a full speech analytics stack in the cloud – the ability to go from testing to production in a few clicks.
Without improving secure access to AWS, our team was inefficient and resources were consistently wasted. With AppGate SDP, we found a solution that not only improved our AWS infrastructure security, but one that was much more developer and operations friendly.
In addition, AppGate SDP helps us maintain our Payment Card Industry (PCI DSS) compliant production environment. AppGate SDP addresses many of the access control PCI requirements: providing fine-grained access control and giving individual devops users access to only what they need to do their jobs. AppGate has enabled us to determine what resources a user can access based on a list of 'access criteria' before they are allowed to connect to any network application or resource.
Business benefits of AppGate for AWS
Following initial implementation, we empowered our engineers to self-install the AppGate SDP client. Secure access to our AWS developer environments was made possible in a quick and secure manner, and the engineering team’s end user experience has improved by a factor of 10x. The time to secure AWS instances has also been dramatically reduced to just minutes, allowing us to efficiently and effectively use our resources to focus on our speech analytics solution.
To try AppGate SDP, get the free trial at AWS.
Christian Bryndum, Director of Operations at Voicebase, is an IT expert with 18 years of international IT infrastructure and operations experience within biotech, life science and SaaS organizations. In his current role he leads the IT operations team at VoiceBase where he is responsible for keeping the lights on for the world’s leading speech analytics platform.