Executive Summary
A UK EdTech platform serving schools and entire local authorities with pupil data management had grown organically without independent architectural assessment. With sensitive PII flowing through the system and schools depending on the platform during critical assessment and reporting periods, the team wanted clarity on where their highest risks actually were. Logicata delivered a focused Well-Architected Framework Review on the Security and Reliability pillars, identifying High Risk Issues and providing a prioritised remediation plan that went on to inform a follow-on AWS Backup automated restore testing engagement.
Customer Overview
Sector: Education Technology (EdTech)
Location: United Kingdom
The customer provides a web-based pupil data management system used by schools and entire local authorities across England and Scotland. The platform handles sensitive pupil information (attainment data, personal details, assessment scores) and is relied on by thousands of educators for data-driven decision making.
The Challenge
The combination of regulated data and operational dependence made the gap in formal assessment a growing risk:
- Sensitive data handling. Pupil PII requires robust security controls and compliance with education sector data protection standards.
- No formal architecture review. The platform had grown organically. There was no independent assessment against best practices and no shared view of where the risk lived.
- Reliability concerns. Schools depend on the platform during critical assessment and reporting periods. Reliability is not just a metric, it is a teaching-day disruption when it slips.
- Unknown risk posture. Without a structured review, the team had no way to know which architectural decisions posed the highest risk and which were fine.
The Solution
Logicata conducted an AWS Well-Architected Framework Review focused on the Security and Reliability pillars:
- Service Screener run against the production account to produce automated security and configuration checks, giving the workshop a grounded starting point.
- 2-hour workshop reviewing the workload against Security and Reliability best practice questions, with the customer’s engineers in the room.
- Formal report documenting every High Risk Issue (HRI) and Medium Risk Issue (MRI) with remediation plans.
- 1-hour HRI remediation meeting to prioritise the findings against business risk and agree the next steps.
Why a two-pillar focused review
A full six-pillar review takes longer and dilutes attention. For this customer, Security and Reliability were the two pillars where the risk was concentrated. Focusing the engagement there delivered actionable findings without the noise of pillars where the customer already had reasonable posture.
Results
- Security and Reliability assessment completed against AWS best practices
- High Risk Issues identified with clear remediation priorities
- Automated Service Screener output provided for ongoing reference, not just one-off use
- Directly informed a follow-on project (AWS Backup automated restore testing), turning a finding into delivery
- Customer gained confidence in platform security for education sector compliance, and a defensible record for procurement questionnaires
AWS Services Used
- AWS Well-Architected Tool
- AWS Service Screener
- Amazon RDS
- Amazon EC2
- Amazon VPC
About Logicata
Logicata is an AWS Advanced Partner holding the AWS Cloud Operations Management Competency, validated through an independent third-party audit. Logicata helps organisations build and operate secure, well-governed cloud platforms on AWS, enabling customers to reduce operational risk, meet assurance expectations, and scale with confidence.
