GET In Touch

SMB Case Study

About Full Circle Tech

Full Circle Tech (FCT) has been in business for a while and knows what it takes to be a contender in the world of municipal e-permitting and licensing. FCT launched an internet-based permitting and licensing solution, PermitEyes, in 2008 and transitioned into focusing solely on online permitting and records management. The PermitEyes application is a modular cloud-based system which allows any municipality to electronically receive applications, collect electronic payments, conduct inspections, and issue permits. PermitEyes 20/20, a fully-integrated town hall system, was launched in 2017. All departmental modules are accessible through this single point of entry.

 

Customer Challenge

The customer’s infrastructure was hosted within an outdated VPC design that relied on a NAT instance, leaving the environment vulnerable and difficult to scale. Several EC2 servers were assigned public IP addresses without proper security group rules, significantly increasing exposure to potential attacks. Critical databases were hosted directly on multiple EC2 instances, lacking proper segmentation and managed service capabilities.

The environment had previously suffered from an account compromise incident, further highlighting the security gaps. The existing infrastructure could not keep pace with the growing customer base, and the absence of a scalable, secure, and resilient architecture limited the business’s ability to expand.

The team also struggled with:

  • No centralized monitoring or alerting mechanisms

  • Inefficient database management and backup strategy

  • Increased operational overhead due to manual management of servers and services

If left unaddressed, these issues would continue to put customer data at risk, increase the potential of extended downtime, and hinder the company’s ability to meet customer demand, ultimately impacting revenue and brand trust.

Partner Solution

Ibexlabs conducted an AWS Well-Architected Review of the customer’s environment and designed a robust remediation strategy to address security, scalability, and operational efficiency gaps that were identified. Ibexlabs implemented the following solutions:

Infrastructure Modernization

Redesigned the VPC architecture to replace the outdated NAT instance with a highly available NAT Gateway setup. 

Segregated workloads into dedicated private subnets, ensuring secure traffic flow, reduced exposure, and alignment with AWS security best practices. 

Containerized their workloads to leverage the AWS ECS service.

Security Hardening 

Removed direct public IP exposure for EC2 instances hosting critical workloads. Applied least-privilege security group rules.

Implemented  Security Hub, GuardDuty, AWS Config, and CloudTrail for proactive threat detection, continuous compliance, and audit readiness.

Database Modernization 

Migrated databases from EC2-hosted instances to Amazon RDS with Multi-AZ deployments for high availability, automated backups, and simplified management. This improved performance, security, and operational resilience. 

Enabled slow query logging and configured alerts to notify the development team, enabling timely query optimization and improving application performance.

Centralized Monitoring & Logging

Configured Amazon CloudWatch and AWS CloudTrail with log aggregation in Amazon S3. 

Enabled alarms and dashboards for real-time visibility into performance, health, and security events.

Cost Optimization

Performed a cost analysis audit to identify under-utilized resources, removed unused EC2 instances, and right-sized workloads to smaller instance types, resulting in significant monthly cost savings.

Access & Identity Management

Strengthened IAM policies with role-based access controls and enforced MFA for all users. 

Deployed AWS Systems Manager for secure shell access and patch management.

Ongoing Managed Services

Provide 24x7x365 monitoring and incident response through Jira Service Desk and OpsGenie, ensuring rapid resolution of alerts, change management tracking, and proactive maintenance. Through these measures, Ibexlabs transformed the customer’s infrastructure into a secure, scalable, and compliant environment, enabling business growth while minimizing operational risks.

Results and Benefits

The modernized architecture delivered immediate benefits to the customer:

  • 100% reduction in public exposure of critical infrastructure by moving workloads to private subnets and tightening security group rules.
  • 24x7x365 monitoring and incident response with proactive alerting and remediation.
  • Achieved full compliance with CIS benchmarks through AWS Security Hub, AWS Config, and GuardDuty.
  • Enhanced availability and resilience with automated backup and recovery strategies for EC2 and RDS workloads.

The customer now operates within a secure, compliant, and scalable AWS environment, equipped to support rapid business growth while minimizing operational risk.

About the Partner

IbexLabs LLC is an AWS Advanced Tier Consulting Partner with DevOps and Healthcare Competencies, specializing in end-to-end cloud solutions for businesses seeking agility, security, and scalability. Our growing team has deep expertise in infrastructure migration, modernization, compliance and security. As a certified AWS Well-Architected Partner, we help organizations design, migrate, and optimize workloads on AWS—ensuring performance, cost efficiency, and compliance with frameworks like HIPAA, SOC 2, HITRUST, and GDPR.