AWS Control Tower Implementation
Data Language
Data Language is a UK-based data analytics consultancy that helps organisations unlock the value of their data through advanced analytics, machine learning, and business intelligence solutions. Working across sectors including financial services, healthcare, and the public sector, Data Language needed a robust, well-architected AWS environment to support their growing portfolio of data-intensive workloads. MakeCloud was engaged to implement AWS Control Tower and establish best-practice landing zones, providing Data Language with the governance, security, and scalability framework needed to confidently onboard new clients and projects.
The Challenge
Data Language needed to deploy a web application for their client. The web application needed to be deployed into AWS accounts and managed by their client. The client did not have any existing AWS Infrastructure and required help in implementing AWS best practice.
Security was a paramount concern, and they wanted a solution which enabled them to implement security controls and guardrails with the view to potentially obtaining a SOC 2 certification in the future.
The Solution
MakeCloud built a solution using AWS Control Tower, which automatically provides many of the technical controls required for a SOC 2 certification such as a separation of environments. This ensured that all AWS accounts in the AWS organisation adhered to a given set of security policies and guardrails for certification in the future.
By using separate non-production and production and OUs in the AWS organisation, we were able to create an administrative boundary around their environments’ resources, enabling them to implement the security access principle of least privilege and limit blast radius.
Through leveraging AWS Control Tower we also provided monitoring of unauthorised access or potential breaches using centralised AWS CloudWatch Logs and security services such as AWS Guardduty. Additionally, by using AWS Single Sign-On using AWS IAM Identity Centre also ensured that all users had enforced MFA on their accounts.
“MakeCloud's implementation of AWS Control Tower gave us exactly the governance and structure we needed. We can now onboard new projects with confidence, knowing our landing zones meet AWS best practices.”
The Results
Through implementing AWS Control Tower, MakeCloud provided the client with a Well-Architected account structure to deploy web applications and increase speed to market.
Furthermore, with implemented security controls and guardrails we also provided the technical foundations required to successfully obtain SOC 2 certification in the future.
Services Used
AWS Security & Compliance
Secure, compliant AWS environments without slowing down innovation.
AWS DevOps
Ship faster on AWS with reliable CI/CD, automation, and modern DevOps practices.
AWS Managed Cloud Services
Dedicated AWS specialists to secure, optimise, and operate your cloud 24/7.
AWS Advanced Tier Services Partner
Ready to get started?
Book a free, no-obligation call with one of our AWS-certified engineers. We'll listen to your challenges, share honest advice, and only recommend next steps if we genuinely think we can help.