Meeting Innovation, Budget, and Security Challenges with AWS
Cambridge Learning Management System (CLMS)
With a mission to unlock people’s potential with the best learning and research solutions, Cambridge University Press (CUP) developed a robust platform that provides rich learning experiences to millions of English language learners around the world.
The platform, Cambridge Learning Management System (CLMS), allows teachers to easily manage classes and track their students' progress, highlighting areas of strength and weakness for ongoing performance improvement. It also creates an environment where students can interact with content, collaborate with other learners and communicate with their teacher outside the classroom.
To achieve a scalable, low-cost environment that was agile to customer needs, CUP required an IT services vendor with deep expertise in Amazon Web Services (AWS) to provide infrastructure services for CLMS. CUP enlisted Unicon, a leading provider of IT consulting, services, and support for education technology to host CLMS in AWS.
Unicon enabled CLMS to achieve CUP’s challenges of providing a platform with reliable infrastructure for faster innovation, reduced costs, and secure operations.
Leveraging AWS automation such as CloudFormation, Unicon has increased the speed to market for CLMS features. CloudFormation provides an easy way to create and manage a collection of related AWS resources, provisioning and updating them in an orderly and predictable fashion. These environments support development and quality activities, as well as ensure rapid and reliable infrastructure deployment. Development teams have the infrastructure and data they need, an essential component in an "on demand" model which has greatly accelerated the release of new features to end users.
Dynamic deployment into the AWS cloud provides substantial costs savings over dedicated infrastructure. Across the production, development, and other needed environments, hundreds of servers are needed at any one time. Production traffic is highly variable, as is the case in many educational contexts, varying with the academic calendar. By using AWS autoscaling, the infrastructure is right-sized and cost-optimized to demand. Unicon played a key role in maturing CLMS into a cloud-enabled platform, establishing operational metrics and scaling rules to realize the cost and performance/ reliability benefits of AWS.
Unicon has designed an operating environment for CLMS that takes full advantage of the security features available in AWS. AWS Identity and Access Management (IAM) is used to establish roles and policies to provide secure access to data, application, and administrative functions in CLMS, while ensuring protection of credentials. By using IAM Roles and IAM Policies for AWS resources, CUP is able to ensure that only defined and approved resources can access secure areas of their AWS account. A defined set of AWS administrators are assigned permissions to develop these roles and policies, limiting the users that can grant access. EC2 instance profiles are used to control access to secure S3 locations ensuring that these areas are not accessed by unauthorized users.
AWS CloudWatch provides security monitoring. By combining IAM with AWS CloudTrail, a history of AWS API calls and related events are recorded. CloudTrail provides a record of every AWS action taken in the account. For example, CUP has records of who started instances, who changed IAM policies, and who accessed S3. This information helps CUP to track changes made to their AWS resources and to troubleshoot operational issues. CloudTrail makes it easier to ensure compliance with internal policies and regulatory standards.
Meeting the Challenges: Unicon Services for AWS
With experience in many of the AWS services including EC2, RDS, S3, CloudFormation, ECS, and AutoScaling, Unicon is able to help clients fully realize time to market advantages, high levels of reliability and scalability, and demand-based sizing and costs. Unicon has staff certified in all current AWS certifications, including AWS Certified Professional level Solutions Architects and DevOps Engineers.
Unicon initially migrated CLMS into AWS as a legacy application. Since then, Unicon has helped CUP mature CLMS into a cloud-based application that is able to take advantage of current and future AWS services. This cloud-based application helps CUP, its customer, and stakeholders realize cost, scalability, reliability, and security benefits.
Unicon is an Advanced Consulting Partner in the AWS Partner Network (APN). This allows Unicon to leverage AWS to its fullest potential given Unicon’s deep expertise in deploying and operating applications on AWS as well as application development.
- On-demand and automated provisioning quickly serves the needs of the development teams. This has increased the speed at which new user features can be developed, tested, and released to production.
- Automation allows changes to be deployed to production quickly and reliably
- Auto scale allows the Reserved Instances to be augmented at times of higher load, allowing the infrastructure to remain right-sized with respect to cost, but still deliver reliable and responsive user experiences
- The AWS security model and practices, including external audit and support for stringent security standards, provides a strong security foundation for CLMS
- CUP can focus on delivering great learning experiences knowing the physical and other security foundations are strong