Coursera Case Study

How An EdTech Pioneer Moved Beyond SSH Keys

Home > Resources > Case Studies > Coursera Case Study

Coursera is the leader in online learning. They serve over 25 million learners with over 2,000 courses covering nearly 200 specializations. Their IT operation is broad and sophisticated, boasting eight dedicated engineers on back-end infrastructure alone.

The Challenge

The infrastructure team’s strategy is simple: to use the best tools available without having to build them in-house. Early adoption of platforms and tools like Amazon Web Services and Cassandra allowed Coursera to scale quickly, but it also created a challenge: their team has to juggle multiple tools and develop working knowledge across all of them.

Another challenge? With so many tools stitched together, provisioning SSH became burdensome over time, creating tension between their stated strategy to use the best tools and their goal to ensure productivity across the developer team.

"At Coursera, our team is trying to attain a goal of making developers as productive as possible without having to worry about maintaining anything. That's the vision: everything runs seamlessly without much effort into operations or maintenance. We do have to pay for that through really good tooling, and I think ScaleFT definitely fits that niche."

- David Guo, Software Engineer, Coursera

Following the lead of companies like Google and Netflix, two trendsetters in modern architectures, Coursera began to review tools that would help them move beyond traditional access controls.

Why ScaleFT?

Rethinking privileged access was a priority for Coursera in part because provisioning SSH keys in their custom bastion set up was particularly burdensome. Since they were already heading down this path, they were also looking for auditing solutions that allowed them to easily provision groups and roles.

Coursera assessed ScaleFT alongside a number of legacy access-management vendors and open-source tools. While others could help Coursera achieve their goals, they selected ScaleFT because it was easiest to deploy and to customize to their needs.

The tools from ScaleFT represent a fundamentally new approach to an old software category, but Coursera saw signs that the robust community around ScaleFT would continue to grow. ScaleFT’s expert and responsive support operation further validated the Coursera team’s decision by quickly earning their trust.

In Coursera, ScaleFT not only found a loyal partner, but also an honest and resourceful customer. Coursera remains enthusiastic about ScaleFT, but they admit that there was room for improvement. The Coursera team noted that the onboarding experience could have been more streamlined, especially during the migration phase, when identifying which servers were running ScaleFT proved more challenging than it would be in future versions.

We are always listening to customer feedback to improve the product and overall user experience, and Coursera’s thoughtful input helped us streamline the onboarding experience. Overall, Coursera found that deploying ScaleFT was a cinch: within a week the infrastructure team was up and running smoothly.

The Architectural Details

Coursera operates a highly scalable cloud infrastructure in AWS, with a number of auto-scaling groups spinning up and down hundreds of EC2 instances on demand. They deployed three bastions for granting access to each of these instances, with security groups configured to only allow inbound SSH on port 22.

In this elastic environment, provisioning SSH keys and managing role-based access controls is an extreme burden. With ScaleFT, Coursera knows that every instance is provisioned correctly, and that traffic is only coming through a bastion once fully authenticated and authorized. Every login attempt is audited for further inspection, giving the infrastructure team the assurance that their environment is secure.

“Access is, as a result, far more granular. We can simply and quickly isolate environments based on who is working on what at any given time. And ScaleFT hosts the authorization server, which means we don’t need to host it ourselves.”

In addition to the core platform setup, Coursera leveraged the ScaleFT API to personalize the user experience to the workflows the team is used to. Using the ScaleFT URL Handler, Coursera added direct links to their deployment pages that automatically open up an SSH terminal to the instance. This saves time with troubleshooting, and ensures that no one is working on the wrong machine.

“ScaleFT eliminates any doubt that someone out there could have access to your internal network without you knowing it. We can assume that every product that we build on from now is only restricted to agents using, or clients using ScaleFT. That not only makes it a lot easier to design future infrastructure enhancements but also reduces the risk of doing something wrong.”

Coursera + ScaleFT

Coursera is, of course, at the leading edge of a trend that will inevitably spread across the IT world in the months and years ahead. In forward-looking IT teams there is always a risk that you get too far out on your skis, but through a commitment to vetting the best tools and partnering with reliable providers, Coursera has been able to achieve developer productivity that both streamlines and fuels their business.

Notably, ScaleFT’s commitment to building products that developers love is a key to the success of this partnership. In environments that are laser focused on productivity, ease of use and simplicity are elevated from “nice to have” attributes to “must have” features.

Perhaps most importantly, in leveraging ScaleFT’s new access control model, Coursera has demonstrated that the secure need not be the enemy of the usable.

Sick of VPNs?

All of our plans start with a 30 day free trial. No credit card required. See our flexible Pricing Plans.

Start a Free Trial Request a Demo