Halving RMIT University’s delivery timelines with secure, codified cloud foundation
At a glance
RMIT University worked with Cevo to build a secure, automated AWS landing zone that centralises account management, governance and compliance. Powered by DevSecOps tooling, infrastructure-as-code pipelines and ServiceNow integration, the solution cut delivery timelines and costs by 50%, accelerated workload launches by 70% and achieved near-perfect NIST compliance.
Capabilities
Industry
Education
About RMIT University
Ranked among the world’s top 125 universities, RMIT University is a global university of technology, design, and enterprise based in Melbourne, Australia, with over 90,000 students from 194 countries.
The opportunity
Transforming how value is delivered through the cloud
Delivering education and research at scale requires more than technology. It demands agility, security, and confidence that teams can innovate without compromise. As cloud adoption grew organically across departments, RMIT ended up managing six separate AWS Organizations, each with its own billing setup, tools, and operating models. This fragmented approach created inefficiencies, inconsistencies in governance and security, and limited visibility across teams. Manual onboarding and decentralized management further delayed project delivery and contributed to infrastructure sprawl.
The university set out not just to unify cloud accounts, but to redefine digital delivery with security and automation built in, empowering application teams to move faster with confidence.
The university set out not just to unify cloud accounts, but to redefine digital delivery with security and automation built in, empowering application teams to move faster with confidence.
Solution
Delivering with codified standards and automation
To address its fragmented cloud landscape, RMIT partnered with Cevo, an AWS Premier Consulting Partner with expertise in enterprise cloud modernisation.
Together, they built a fully integrated, automated, and secure enterprise landing zone (ELZ) that centralizes operations and enforces compliance across RMIT’s AWS Organizations. While the Landing Zone Accelerator on AWS supported parts of the build, the broader transformation focused on codifying standards, reducing manual effort, and shifting governance from reactive to preventive.
Security was a cornerstone. The team pursued a near zero-trust architecture with minimal overhead to reduce complexity for developers and reliability engineers. Guided by AWS Well-Architected Framework best practices, they automated the Security Pillar into assessment processes, implemented defense-in-depth patterns, enforced preventive governance at every phase of continuous integration/continuous development (CI/CD), and codified platform policies. Preventive and detective controls were reinforced through a hierarchy of service control policies, centralized logging and monitoring, and AWS security services including AWS CloudTrail, AWS Config, and Amazon GuardDuty as well as AWS Security Hub, Amazon Macie, and AWS IAM Access Analyzer for threat detection. RMIT also benchmarks its cloud security posture against NIST and CIS standards in AWS Security Hub, regularly achieving near-perfect compliance.
RMIT and Cevo also adopted shift-left principles to move testing, quality, and security earlier in the software development lifecycle. Opinionated git pipelines apply security standards upfront, including code quality and vulnerability scanning, while a Terraform module library codifies secure AWS resource instantiation. These patterns extend to secure network blueprints, encryption, access control, and container scanning—ensuring workloads are secure by design, every time.
Operational agility came through ServiceNow integration. The team connected request-fulfillment workflows with the ELZ for frictionless project onboarding and linked ServiceNow Configuration Management Database (CMDB) auto-discovery and automated service mapping, creating a central repository of IT services, assets, and relationships. The results are transformative.
Outcome
Halving digital delivery timelines and cost and accelerating research
By establishing a modern ELZ, RMIT has transformed the way it delivers digital services. The platform ensures consistent governance, secure automation, and seamless onboarding across all departments and business units. Workload accounts, network, and access provisioning—along with CMDB onboarding—are now 90 percent faster, while digital delivery timelines and costs have been reduced by up to 50 percent. Developers can launch workloads 70 percent quicker with greater agility and fewer manual steps.
Beyond high-level metrics, ELZ has delivered meaningful business impact. A critical research initiative requiring secure access to key software was stalled for more than 12 months due to security and governance concerns. With the ELZ’s “secure by design” architecture and proactive governance, connectivity was implemented in under six weeks once the platform was operational.
The platform is also helping RMIT scale globally. The university recently launched an on-demand cybersecurity curriculum in Vietnam, and research teams now collaborate more efficiently across time zones and campuses.
Enjoyed this customer story?
Share it with your network!
You may also like
