CheckPoint Software > Case Studies > Best Friends Animal Society's Serverless Architecture for Enhanced Security and Efficiency

Best Friends Animal Society's Serverless Architecture for Enhanced Security and Efficiency

Technology Category

Application Infrastructure & Middleware - Event-Driven Application
Cybersecurity & Privacy - Application Security

Applicable Industries

Cement
National Security & Defense

Applicable Functions

Procurement
Product Research & Development

Use Cases

Construction Management
Tamper Detection

Services

Cloud Planning, Design & Implementation Services
System Integration

About The Customer

Founded in 1983, Best Friend Animal Society is the nation’s largest no-kill non-profit animal sanctuary. They save 17 million dogs and cats annually and have grown their base to 10 regional shelters in addition to their headquartered sanctuary in Utah. They work with local shelters to transform metropolitan areas into no-kill zones and safe havens for dogs and cats. Solely relying on the generous donations from their donor community, they have the ambitious goal of reaching no-kill status for dogs and cats nationwide by 2025. To achieve this goal, and generate awareness, they created a dynamically updated map to monitor the animal save-rate nationwide leveraging AWS Data Lake and hosted on AWS Lambda.

The Challenge

Best Friends Animal Society, the largest nonprofit no-kill animal sanctuary in the United States, was facing challenges with their traditional infrastructure. It was slowing down their development speed and hindering their ability to meet strategic goals. They needed a solution that would allow them to quickly scale, deploy new projects, lower their operational costs, and enhance their security. After migrating to AWS Lambda, they found that their permissions were too restrictive, and their developers could not develop at the speed necessary to achieve their strategic goals because of security. Projects were getting delayed because the development team could not access AWS S3 buckets. They wanted to take advantage of the benefits serverless had to offer but knew they had to have security gates in place to protect donor information. They needed to find and implement a layer of security to their AWS Lambda deployment.

The Solution

After careful evaluation, Best Friends Animal Society selected Check Point CloudGuard Dome9 serverless solution to automate security at the code level for their AWS Lambda serverless applications and to create additional rules and policies for further application hardening. This would ensure that they always had the necessary permission levels and control to enable their development team to run fast while protecting sensitive IP. They were quickly able to deploy CloudGuard’s serverless solution into their AWS Lambda environment to monitor the function layers and update permissions, and are now able to execute new code seamlessly through the convenience of the C/CD tool. In addition, CloudGuard applies deep-code flow analysis and machine-based learning to build a model of normal function and application behavior, to automatically limit permissions, and either block or trigger an alert for any actions outside of that established scope.

Operational Impact

The integration of Check Point CloudGuard Dome9 serverless solution has allowed Best Friends to not only shift left but to increase utilization of CI/CD tools across the development team and increase the confidence and adoption of their AWS Lambda deployments. As a result, the organization overall has peace-of-mind that their sensitive PII is secure and IP is protected, and they can now collect real-time data, without the high infrastructure costs. This means that instead of being too restrictive and holding back their development teams, Best Friends can now leverage the CloudGuard for serverless solution to ensure that each function has the right amount of permissions to do what it needs to do and that their applications are being monitored and protected seamlessly and automatically.