The challenge
Northvex, a Waterloo-based workflow automation platform for professional services firms, had grown to 400+ customers and $8M ARR — but their AWS infrastructure had been built reactively over 3 years and was showing its age. Cloud costs had tripled in 12 months to $85K/month with no clear explanation, their monolithic Rails application was hitting scaling limits during peak hours (Monday mornings when all their legal and accounting clients logged in simultaneously), and they'd failed a SOC 2 Type II audit due to overly permissive IAM roles and missing encryption on two data stores. Their VP of Engineering needed an outside team to untangle the technical debt without disrupting their 400 customers.
Our solution
We ran a 3-week technical assessment covering architecture, security, and cost — then executed a 14-week remediation plan. On the infrastructure side, we redesigned their VPC architecture with proper network segmentation, migrated to ECS Fargate for auto-scaling during peak loads, implemented CloudFront for their static assets and API caching, and right-sized every instance using 90 days of utilization data. For security, we implemented least-privilege IAM with role-based access, encrypted all data stores (RDS, S3, ElastiCache), set up AWS GuardDuty and Security Hub for continuous monitoring, and established automated compliance evidence collection. We worked closely with their auditors to address every finding.
The impact
“We were spending $85K/month on AWS and couldn't explain why. Kavora cut our bill by 42%, fixed 140 security issues, and got us through our SOC 2 audit. They're the most thorough technical team we've ever worked with.”