Val Henderson Appointed to CEO

Enabling StateRAMP Moderate Compliance for a Global Education Publisher with AWS Config

Caylent Team Caylent Team

AWS Foundations
Managed Services

A global education publisher partnered with Caylent to strengthen security controls for sensitive data and achieve compliance with StateRAMP Moderate requirements, enabling them to better serve university clients with increased confidence and trust.

Client Overview

A global education publisher provides customized digital publishing solutions, offering enhanced digital textbooks and interactive course experiences that support intuitive, faculty and student-friendly engagement. By partnering closely with each publisher, the organization tailors digital strategies to meet unique publishing goals and elevate the learning experience.

Challenge

This global education publisher handles sensitive university data and is required to meet stringent security standards.

  • Compliance Requirement: The core challenge was meeting the security and data protection requirements set by StateRAMP Moderate guidelines.
  • Data Sensitivity: As most of their clients are universities, they handle a high volume of sensitive data that must be protected according to these standards.

Solution

The publisher implemented a codified compliance solution leveraging AWS Config's native capabilities.

  • AWS Config Conformance Pack Deployment: The proposed solution involved deploying an AWS Config Conformance Pack across the publisher's AWS Organization. The specific conformance pack utilized was one that strictly adheres to the guidelines set by StateRAMP Moderate.
  • Automated Reporting: Once the conformance pack was deployed, a Python script was built to report the compliance status of every rule in the pack. This script also identified and reported the offending resources when a rule was in a non-compliant state.
  • Remediation Guidance: The final step involved the manual creation of a comprehensive document that aggregated the non-compliant rules, the specific offending resources, and clear guidance for the remedial steps needed to achieve compliance with the given rule.

Results

The project successfully established the foundation and guidance necessary for the publisher to achieve and maintain required compliance.

  • Metric of Success: The primary metric of success was providing sufficient guidance to the publisher to be enabled to gain and exceed compliance for their AWS Organization according to StateRAMP Moderate guidelines.
  • Cost Reduction: During the initial implementation phase, cost reduction steps were taken by utilizing proprietary compliance tools to help with compliance reporting. AWS Billing metrics and AWS Trusted Advisor reports were utilized to determine if any resources needed to be descoped or lowered.

Key Takeaway

To meet stringent StateRAMP Moderate compliance requirements while handling sensitive academic data, we implemented a codified solution using AWS-native services. By deploying a tailored AWS Config Conformance Pack and automating compliance reporting through custom scripts, they gained real-time visibility into resource-level compliance.

This enabled them to identify noncompliant configurations, reduce risk, and accelerate their path to full certification. The project laid a scalable, cost-effective foundation for long-term compliance and secure cloud operations—empowering them to serve their university partners with greater confidence.

AWS Foundations
Managed Services
Caylent Team

Caylent Team

View Caylent's articles

Learn more about the services mentioned

Caylent Industries

Public Sector

Modernizing government, education, and non-profit missions with secure, AI-driven cloud solutions.

Caylent Services

AWS Foundations & Migrations

From rehosting to replatforming to rearchitecting, Caylent will help you leverage AWS to its fullest potential to meet your business objectives.

Accelerate your cloud native journey

Leveraging our deep experience and patterns

Get in touch

Related Blog Posts

Datadog Event Mapping

Learn how Datadog Event Mapping works — how to correlate logs, events, and alerts into meaningful context, improve observability, and reduce noise so your team can quickly detect and respond to issues.

Managed Services
Infrastructure & DevOps Modernization

CloudFormation Nested Stacks Primer

Get a practical introduction to AWS CloudFormation nested stacks — how they work, when to use them, and best practices for organizing and managing reusable infrastructure templates at scale.

Managed Services
Infrastructure & DevOps Modernization

Dedicated Hosts vs. Dedicated Instances on AWS: What is the Difference?

Understand the differences between AWS Dedicated Hosts and Dedicated Instances — when to use each, how they impact compliance and licensing, and best practices for controlling tenancy and cost in your cloud environment.

Managed Services
Infrastructure & DevOps Modernization
View all blog posts