Customer story · Healthcare · Anonymized
27% cost reduction
on monthly AWS spend
Security findings flagged three IAM policies our auditor would have caught later. Bundled with cost in the same dashboard — invaluable.
By HabileLabs
$36k
Monthly AWS spend (before)
$27k
Monthly AWS spend (after)
11
AWS accounts
2
Critical IAM findings closed
Healthcare · This story is anonymized at the customer's request. Numbers and outcomes are real; identifying details have been changed.
The problem
What they were dealing with
A regulated healthcare provider was running 11 AWS accounts across two teams, with the cost-and-compliance burden falling on a single platform engineer. Audits were a 3-week ordeal each year. Cost optimization was deferred indefinitely because the team did not have headcount to look at both.
A budget review at the start of the fiscal year exposed that AWS spend had risen 19% year-over-year. Leadership wanted a 15% reduction without sacrificing performance or compromising the upcoming HIPAA audit. The platform engineer had two months.
The approach
How they used Refine
Refine was connected to all 11 accounts via the account hierarchy. The org-level dashboard ranked accounts by spend and surfaced the top contributors. Three of the 11 accounts were responsible for 73% of total spend; two were over-provisioned legacy production environments scheduled for retirement but still running at full capacity.
Concurrently, Refine's security findings catalog turned up 63 issues across the fleet. Three were Critical: an IAM user with an active access key over 400 days old, an unencrypted RDS instance in a non-prod account that handled de-identified patient records during testing, and a public S3 bucket that had been created during a failed migration and never deleted.
- Connected Refine across 11 AWS accounts via account hierarchy
- Org-level rollup identified 3 accounts driving 73% of spend
- Right-sized 8 legacy production instances (largest single win)
- Closed 3 Critical IAM/storage findings before HIPAA audit
- Set per-account notification routing (cost to platform, security to compliance)
- Enabled audit log per applied fix for compliance evidence
The result
27% cost reduction · $120,000 / year saved
Over six months, monthly AWS spend dropped from $37k to $27k — a 27% reduction, exceeding the 15% target. The Optimization Score climbed from 38 to 79. The annual HIPAA audit closed in 8 business days instead of the historical 3 weeks; auditors specifically called out the documented evidence trail of applied security remediations.
The platform engineer now spends half a day a month on AWS cost and security — down from the equivalent of a week per quarter. Refine's narrative report goes to compliance leadership monthly. The Critical-severity findings list has stayed at zero for nine consecutive months.
"The audit timeline alone justified everything. But the team time we recovered is what compounds — that's an FTE I would have had to hire just to manage AWS health."
— Platform engineering lead, Healthcare (anonymized)
See what Refine surfaces in your account
60-second setup. Free forever. Read-only access.
Refine is built and supported by HabileLabs, an AWS Advanced Tier Services Partner.