nClouds | AWS Case Studies Biotech Startup

Why AWS and nClouds

Since its founding, the company has been in hypergrowth mode. It had its biotech blueprint in place but was starting from scratch in terms of infrastructure buildout. It was looking to move quickly and needed a fully optimized infrastructure on AWS. The company sought an AWS partner to help build the infrastructure and maintain its AWS environments to support product innovation and development, testing, and production. An AWS Account Manager recommended nClouds to the company based on its deep AWS and DevOps expertise.

Biotech Startup leveraged several Amazon Web Services:

• Amazon Aurora (Aurora) - Delivers the speed and reliability of high-end commercial databases simply and cost-effectively. It is a fully managed relational database engine that is part of the managed database service Amazon Relational Database Service (Amazon RDS).
• Amazon CloudWatch (CloudWatch) - Monitors applications, responds to system-wide performance changes, optimizes resource utilization, and provides a unified view of operational health.
• Amazon Elastic Compute Cloud (Amazon EC2) - A web service that provides secure, resizable compute capacity in the cloud. It is designed to make web-scale cloud computing easier for developers. It provides complete control of computing resources and runs on Amazon's proven computing environment.
• Amazon Elastic File System (Amazon EFS) - Provides the company with a simple, scalable, fully managed elastic network file system (NFS) for use with AWS services and on-premises resources.
• Amazon GuardDuty - A managed threat detection service that provides the company with an accurate and easy way to continuously monitor and protect its AWS accounts and workloads.

• Amazon Relational Database Service (Amazon RDS) - Makes it easy for the company to set up, operate, and scale a relational database in the cloud. It provides cost-efficient and resizable capacity while automating time-consuming administration tasks such as hardware provisioning, database setup, patching, and backups.
• Amazon Route 53 - A highly available and scalable cloud Domain Name System (DNS) web service that provides a reliable and cost-effective way to route the company’s end users to internet applications.
• Amazon SageMaker - A fully managed service that covers the entire machine learning workflow to label and prepare the company’s data, choose an algorithm, train the algorithm, tune and optimize it for deployment, make predictions, and take action.
• Amazon Simple Storage Service (Amazon S3) - A flexible way to store and retrieve data, providing the company with cost optimization, access control, and compliance.
• Amazon Virtual Private Cloud (Amazon VPC) - Enables the company to provision a logically isolated section on AWS where they can launch AWS resources in a virtual network that they define.
• Amazon WorkSpaces - A fully managed, Desktop-as-a-Service (DaaS) solution that provides either Windows or Linux desktops in just a few minutes, and can quickly scale to provide thousands of desktops to workers across the globe.
• AWS Active Directory Connector (AD Connector) - A directory gateway that enables the company to redirect directory requests to their on-premises Microsoft Active Directory without caching any information in the cloud.
• AWS Backup - A fully managed backup service that makes it easy for the company to centralize and automate the backup of data across AWS services.
• AWS Biotech Blueprint Quick Start - Helps build the biotech infrastructure, configured for identity management, access control, encryption key management, network configuration, logging, alarms, partitioned environments, and built-in compliance auditing. 
• AWS CloudFormation (CloudFormation) - Allows the company to treat its infrastructure as code, automate operations, and bring up new environments.
• AWS CloudTrail (CloudTrail) - For governance, compliance, operational auditing, and risk auditing of the AWS account.
• AWS Config - A service that enables the company to assess, audit, and evaluate the configurations of AWS resources.
• AWS Control Tower - Automates the setup of a baseline environment, or landing zone, that is a secure, well-architected multi-account AWS environment.
• AWS DataSync - An online data transfer service that simplifies, automates, and accelerates copying large amounts of data to and from AWS storage services over the internet or AWS Direct Connect.
• AWS Identity and Access Management (IAM) - To control users' access to AWS services.
• AWS Lambda (Lambda) - Enables the company to run code without provisioning or managing servers. Pay only for the compute time consumed - there is no charge when code is not running.
• AWS Organizations - Provides policy-based management for multiple AWS accounts.
• AWS ParallelCluster - An AWS-supported open-source cluster management tool that makes it easy for the company to deploy and manage High Performance Computing (HPC) clusters on AWS.
• AWS Security Hub - Provides a comprehensive view of high-priority security alerts and security posture across the company’s AWS accounts, and continuously monitors the environment using automated security checks based on the AWS best practices and industry standards. It aggregates, organizes, and prioritizes security alerts or findings from multiple AWS services, such as Amazon GuardDuty, Amazon Inspector, Amazon Macie, AWS Identity and Access Management (IAM) Access Analyzer, and AWS Firewall Manager, as well as from AWS Partner solutions.
• AWS Single Sign-On (SSO) - Makes it easy to centrally manage SSO access to multiple AWS accounts and business applications.
• AWS Site-to-Site VPN - Creates encrypted tunnels between the company’s network and Amazon Virtual Private Clouds or AWS Transit Gateways.
• Consolidated billing for AWS Organizations - A feature in AWS Organizations that enables the company to consolidate billing and payment for multiple AWS accounts. nClouds provides the consolidated bill to the company.

The company's solution stack also included additional, essential third-party tools:

• nOps - A SaaS cloud management and intelligence platform that continuously optimizes cost, security, performance, reliability, and operational excellence, aligned with AWS Well-Architected Framework best practices.
• OpenVPN Access Server - A full-featured SSL VPN software solution to provide fine-grained access control of the infrastructure.
• ShareSave Service by nOps - A cost optimization program for AWS compute costs offered by nClouds with a shared-savings pricing model. This SaaS platform collects Amazon CloudWatch and AWS CloudTrail logs. It automatically reacts in real time by purchasing Amazon EC2 Reserved Instances (RIs) and/or AWS Savings Plans (SPs) upon an increase in compute usage and selling them upon a decrease in compute usage.