Case Study Automation & Orchestration Continuous Compliance Financial Management Commercial
Last updated on August 22nd, 2023 at 12:11pm
When you can trace your lineage back to the Bell Telephone Company founded by Alexander Graham Bell, you’re in rare company in terms of corporate longevity. But Verizon can do just that as they journeyed through the breakup of the Bell System and mergers with Vodafone and GTE to emerge as Verizon.
Today, Verizon is a multinational corporation offering voice, data, and video services & solutions on its networks and platforms. Their employees, known as V Teamers, power a mighty company that:
- Is part of the Dow Jones Industrial Average and ranked 23 on Fortune.
- Serves 99% of the Fortune 500.
- Maintains over 1M miles of global fiber.
When it comes to leveraging and innovating in the cloud, Verizon follows the tagline on its website: We don’t wait for the future. We build it.
Enabling Product Development Teams at Verizon
The Product AWS Cloud Technology (PACT) group within Verizon was started to build an AWS platform to be used by product development teams who create applications used on Verizon business and consumer endpoints. These endpoints can be anything from set-top boxes to mobile phones.
PACT was designed to be the target directional platform for cloud use at Verizon. Developers could come into the PACT environment and use multiple tools to build their pipelines, with structure and mandates around security and governance.
Verizon’s goals with PACT were to:
- Speed their go-to-market actions.
- Optimize cloud spend.
- Achieve full security maturity to meet compliance needs.
“Our goal was to create a cloud-enabling platform; basically, a standardized development platform with a built-in pipeline, built-in governance, and built-in security and compliance,” said Mike Ryan, Senior Manager, Technology and Product Development at Verizon.
The PACT team supports approximately 150 developers using AWS and – soon – Azure and Google Cloud to support product development.
“A multi-cloud approach to the cloud not only allows us to use the best cloud service for specific needs; this approach also acknowledges that we have team members who bring unique skillsets and cloud experiences, and we want to leverage that experience to drive innovation,” Mike shared.
The Challenge of Scaling Up in the Cloud
Verizon first met the Kion team at the annual AWS re:Invent conference in Las Vegas. At the time, Verizon had many cloud accounts.
“We knew that we wanted to have financial management. We knew we wanted to have account management. Then, we learned Kion could help us with our single sign-on (SSO) needs. So, a one-stop shop for us was very appealing.”
– Mike Ryan, Senior Manager, Technology and Product Development at Verizon
Another Kion capability that caught the eye of the Verizon team: Kion’s ability to import existing accounts to be managed by Kion. Other solutions required starting with new accounts (aka, a ‘greenfield’). The Kion solution would allow Verizon to build on their work-to-date by easily migrating their existing accounts to fall under Kion management.
Verizon selected Kion as their solution to help the team:
- Reduce operational expenses through automation of AWS account provisioning, compliance, and security controls.
- Increase productivity and end user satisfaction by providing for self-service of AWS account requests and near real-time provisioning.
- Eliminate cost overruns by implementing enforceable budgets.
- Deliver cloud-native console access to developers, ensuring teams could access Verizon cloud services as soon as these services are approved.
How Kion is Helping Verizon Get Full Cloud Value
Speeding Onboarding, Ensuring Compliance
Today, Verizon uses Kion to create cloud projects, align internal funding, and assign user permissions to those users who should have access. This automation makes it extremely easy to onboard new users and, whether the user is using the native application or access keys, the permissions are applied from the start.
Verizon also leverages Kion to provision new accounts. Both production and sandbox accounts are requested via an internal JIRA form, approved, and then automated through the use of Kion. Sandbox accounts are given a certain duration or budget amount and, when either is exceeded, a full deprovisioning and recycling workflow is in place to clean-up or close the account and prepare the next one for use.
Kion’s global Cloud Rules further augment automation capabilities within Verizon’s sandbox and production environments. Cloud Rules are used to apply resources across the organization, such as identity and access management (IAM) restrictions for users and compliance frameworks to be monitored. As compliance frameworks are added, either through Kion’s included Jumpstart programs or custom frameworks, different parts of the organization can be scanned for different frameworks based on need via local Cloud Rules.
What are Kion Cloud Rules and Jumpstarts?
Kion Cloud Rules are collections of cloud-specific resources that can be applied to cloud accounts. Cloud Rules can be applied hierarchically and inherited from parent organizational unit (OU) to child OU to projects, or they can be applied directly to individual projects. Cloud Rules help to eliminate complicated, manual tasks, including IAM, compliance, financial enforcements, and account provisioning across AWS, Azure, and Google Cloud.
Kion’s compliance jumpstarts allow organizations to quickly start applying permissions and deploying resources right out-of-the-box. Kion includes a reference library, which includes many common compliance resources, as well as complete sets of resources for established compliance frameworks such as NIST 800-53, PCI DSS, and CMMC.
Verizon leverages auto-remediation and logging within their compliance checks, and Kion uses its native capabilities to deploy the proper infrastructure, such as Lambdas, into each account when added to the Kion platform through automation. Due to the auto-remediation in place, identified infractions are resolved instantaneously, leading to a healthy and secure posture, and developers - as well as PACT governance and security ops teams - are notified directly for reference.
Tracking Funding, Maintaining Budgets
Verizon has funding sources populated in the application, and funding is allocated according to the organizational structure. Verizon also leverages Kion’s budgeting functionality to set spend limits per account. To help ensure budgets are enforced, Verizon has implemented spend enforcements to act as a notification system when specific departments are overspending.
In addition, the team takes advantage of several Kion capabilities to identify spending optimization opportunities.
Evolving Cloud at Verizon
Verizon recently launched their Standard Operating Environment (SOE), which extends the PACT model into a selfservice, low-development touch for vending account creation. The result is an all-encompassing golden pipeline for Verizon developers to easily leverage many different products to be as cost efficient as possible.
Kion’s account provisioning, single sign-on, cost governance and reporting, and compliance features make the solution an integral part of this evolving landscape.
“Kion delivers a lot right out of the box and, from a governance perspective, we’ve seen productivity gains from the easy creation and application of policies that cascade down through our organizational chart in Kion.”
– Yadushri Baliyan, Manager of Governance, Risk & Compliance, Technology and Product Development at Verizon
“From the start of our conversations with Kion, I’ve been impressed by the intelligence and the level of experience of the Kion team. The Kion team and solution have checked all the boxes,” said Mike. “The way the Kion team interacts with us is what I’m sold on. They have a can-do attitude, and they’re always there to help our team. For me, that goes a long way.”
