Case Study: Athlete.ai

"Platformr was a game changer. It solved our reliability issues immediately, and set us up for success with a scalable solution. Getting visibility into our cloud costs also helped us calibrate our pricing model to maximize revenue and profitability.”
Kevin Keranen, CEO
THE CHALLENGE

Scaling secure, reliable infrastructure with better cost visibility

Athlete.ai had recently launched a beta version of their multi-tenant SaaS mobile application and was in the process of collecting user feedback prior to going to production. However, because the previous software development company lacked cloud architecture knowledge, the infrastructure was not set up to support the application as it scaled. As a result, the app was having significant reliability and performance issues due to user and data growth.

Athlete.ai also had no visibility into costs per tenant—making it nearly impossible to build an accurate pricing model—and wanted to improve its security posture. The company realized their provider could not support the scale or visibility they needed, and decided to leverage Platformr to migrate to AWS.


Company Profile

  • B2C mobile app / Multi-tenant SaaS 
  • Creates athlete highlight reels for coaches, players, parents, and fans 


Goals

✔ Migrate to AWS
✔ Improve reliability
✔ Ensure scalability
✔ Improve security posture
✔ Gain insights into cost per tenant 

Solution

Platformr Foundation:

  • Set up an AWS Landing Zone to include AWS Control Tower, Service control policies (SCPs), AWS Organizational Units, centralized logging, and centralized security with AWS Security Hub
  • Improved security posture and made it easier to manage AWS users and contractors by incorporating AWS Identity Center and AWS IAM user management
  • Eliminated security vulnerabilities by enforcing centralized root user management and deleting out root user credentials
  • For Infrastructure as Code (IaC), followed the principles of a Security Reference Architecture (SRA) to establish secure boundaries and delegate responsibilities
  • Isolated AWS account workloads as a best practice for enhancing security and operational efficiency in cloud environments (grouping AWS resources and workloads into separate AWS accounts based on their functionality and security requirements)
  • Deployed budgets at the AWS Organization, workload, and account level with alerts
  • Deployed AWS supported Well-Architected lenses
  • Leveraged AWS Cost Explorer to gather data and visualize AWS costs and usage over time for increased visibility and improved cost management
  • Set up tags for cost visibility
  • Set up backup and security policies matching business requirements

Workload Factory:

  • Created separate development environments (Development, Testing, Staging, Production)
  • Established a Disaster Recovery environment

Results

Saved $25k on professional services
Shortened implementation timeline to 45 days
Improved reliability with auto scaling, backups and separate development environments
✔ Improved security posture
Ability to change code/infrastructure to support scalability
Gained visibility into cost per tenant for pricing model

In the future:

  • Have a better tool to support A/B testing and development feature branches
  • Robust, secure framework can meet compliance requirements
AWS Services
  • AWS Control Tower
  • AWS Backup
  • AWS Transit Gateway
  • AWS IAM Identity Center
  • AWS Config
  • Amazon VPC
  • AWS Security Hub
  • AWS WAF (Web Application Firewall)
  • AWS CloudTrail
  • AWS Key Management Service (KMS)
  • AWS DataSync
  • Amazon Detective
  • Amazon GuardDuty
  • Amazon Inspector
  • Amazon Macie
  • AWS Resource Access Manager
  • AWS Well-Architected Tool
  • AWS Budgets
  • AWS Cost Explorer
  • AWS CloudTrail
  • Amazon Route 53