1001010110101010
Thank you! Our team will contact you soon
Start Your AI Journey

Accelerating NammiSkills’ Growth through Enhanced Cloud Security and Governance

  • Industry : Education
  • Country : MENA Region
aws
security
aws config
scp

Executive Summary

Nammiskills is the go-to platform to drive learners' careers forward using targeted learning activities based on the most in-demand jobs. Nammiskills aims to create learning journeys and pathways for people wanting to learn new skills that will help them find job opportunities in today's ever-digitalized labor market. Developed with the support of UNICEF and the World Bank, our platform is designed to help users achieve their career goals and maximize their earning potential, in partnership with leading tech companies. Since Nammiskills was going to be released in the MENA region, our biggest challenges were scalability, latency and security. To address these concerns, we adopted the Serverless approach, using Amazon API Gateway for publishing API's, Elastic Load Balancer, Aurora RDS Amazon ECS Fargate for the backend. Additionally, AWS Config was implemented across the multi-account environment to continuously monitor resource configurations and ensure alignment with Nammiskills’ security and compliance requirements as the platform scaled.

Why Zero&One?

Zero&One, an AWS Premier Consulting Partner, was the ideal choice to tackle NammiSkills' challenges due to their extensive expertise in cloud solutions and artificial intelligence. Leveraging AWS's powerful cloud infrastructure, machine learning tools, and data analytics capabilities, Zero&One was able to craft a solution that addressed NammiSkills' scalability issues, enhanced their data management capabilities, and provided the necessary tools to personalize the learning experience. This partnership ensured that NammiSkills could take advantage of cutting-edge technology to improve their educational offerings and operational efficiency.

Customer Challenge

Managing compliance and security governance across a growing environment

NammiSkills’ rapid growth across the MENA region introduced new operational and security complexities that their existing infrastructure was not equipped to handle. As the platform scaled, the team faced increasing difficulty maintaining consistent security configurations, enforcing governance standards, and ensuring compliance across multiple AWS accounts and environments. Frequent changes made by distributed development teams created configuration drift, making it challenging to trace who made what changes and when. These inconsistencies posed risks of misconfigured IAM policies, untagged resources affecting cost visibility, and potential exposure through insecure network settings or improperly configured S3 buckets. To address these governance and visibility challenges, NammiSkills needed a centralized and automated method to continuously monitor resource configurations, detect deviations from best practices, and maintain audit-ready compliance. Under the strategic guidance of Zero&One, AWS Config was integrated across the organization’s AWS accounts to deliver continuous configuration tracking, automated compliance evaluations, and centralized visibility. This allowed NammiSkills to proactively identify misconfigurations, enforce consistent standards across all environments, and strengthen the security posture of its rapidly evolving platform.

Partner Solution

Centralized compliance management with AWS Config

Zero&One designed and implemented a centralized governance and compliance framework for NammiSkills using AWS Config to address the platform’s growing need for consistent security posture, configuration visibility, and alignment with operational best practices. AWS Config was deployed across all NammiSkills AWS accounts and regions to continuously record configuration changes, enforce compliance standards, and detect configuration drift as the environment evolved. A curated set of managed and custom Config rules was introduced to validate IAM policies, resource tagging, S3 security controls, and VPC network configurations, establishing a unified compliance baseline across the organization. A multi-account AWS Config Aggregator was provisioned to provide NammiSkills’ engineering and security teams with a single consolidated dashboard of configuration and compliance status across environments. Configuration snapshots and history files were centralized in an encrypted S3 bucket with restricted access, ensuring secure, audit-ready visibility into historical resource states. Event-driven remediation capabilities were also enabled using CloudWatch Events and Lambda, allowing the platform to automatically respond to misconfigurations and maintain operational integrity. The resulting architecture delivers a strong, scalable governance foundation that complements NammiSkills’ broader cloud strategy. By integrating AWS Config into their environment, NammiSkills gained continuous compliance monitoring, improved security oversight, and streamlined audit readiness—all essential for supporting their expansion and maintaining trust with learners and partners.

T

Solution Architecture

starsphere aws case study solution

Use Case

As NammiSkills expanded its platform across multiple accounts and environments, maintaining consistent configurations and enforcing security standards became increasingly challenging. AWS Config was introduced to provide continuous visibility into resource settings and ensure adherence to governance requirements. Whenever developers deployed new resources—such as Lambda functions, S3 buckets, DynamoDB tables, or networking components—AWS Config automatically evaluated them against managed and custom compliance rules. Misconfigurations such as missing mandatory tags, overly permissive IAM policies, or insecure network rules were immediately flagged, and event-driven workflows triggered automated notifications or remediation actions. This allowed NammiSkills to maintain a strong compliance posture while enabling teams to work at high velocity without compromising security or governance.

Outcome and Benefits:

The introduction of AWS Config provided NammiSkills with a unified, proactive governance framework that significantly strengthened their operational and security posture. Continuous configuration tracking eliminated blind spots, while centralized snapshots and history files improved audit readiness and root-cause analysis capabilities. Compliance rules—both managed and custom—ensured consistent enforcement of security requirements, reducing the risk of configuration drift across environments. Automated event-driven responses minimized manual intervention, allowing the engineering team to focus on delivering new platform features rather than policing misconfigurations. Overall, AWS Config enhanced transparency, accountability, and compliance across NammiSkills’ cloud infrastructure, enabling them to scale confidently while maintaining a secure and well-governed environment.

About Zero&One

Zero&One is a leading Premier AWS Consulting Partners in MENA region with a vision to empower businesses of all scales in their cloud adoption journey. We specialize in AWS services like DevOps, application modernization, cloud migration and serverless computing. We currently operate from our offices in Lebanon, UAE, and Saudi with 100+ certifications in our hands and serve 50+ happy customers across the region.

01
Contact Us

We'd like to hear from you

Copyright © Zero&One. All rights reserved - Policies.
Protect yourself and others from the covid-19 pandemic. Learn more