Leading Biotechnology Company
Petabyte SAN Migration
Strata was responsible for the data migration of legacy SAN storage devices for the main North American data centers of a large biotech company. Strata led efforts to decommission the following SAN devices over the course of 12 months through data relocation and server decommissioning:
- 7x HP EVAs
- HP XP1024
- HP XP12000
- EMC VMAX
- 4x Brocade Silkworm 48000 SAN Directors
- 8x Brocade 4100 Edge Switches
This SAN storage environment served a petabyte of data to over 700 mission critical production hosts. All data was moved according to appropriate change control guidelines and FDA-compliant validation paperwork on time and within the project budget.
The challenge was to migrate 1 petabyte of data in a complex and changing environment by a fixed deadline and with minimal resources. This challenge required navigating the following constraints:
- Lack of an available storage administrator that could provide SAN expertise
- Lack of a technical project manager that could interface between the PMO and technical groups
- Lack of a change control administrator that could navigate the various change control requirements
- Major change in control management system from Remedy to HPSM
- Major data center project competing for resources needed for the SAN migration
In a short amount of time, Strata onboarded expert level SAN resources and worked seamlessly with the existing team to kickstart the project. Strata navigated change control challenges and facilitated communication and collaboration between the PMO and technical team while minimizing impact on resources needed to advance this project. The customer was informed on progress, accomplishments, and risks through weekly progress updates and executive tracking dashboards. Strata successfully concluded the project and provided project handoff to internal staff at the company.
Strata was able to provide the following benefits:
- Handed off all the storage devices listed above in either a state ready to be decommissioned or a near ready state to comply with customer requirements.
- Met the deadline mandated by the SAN migration steering committee with minimal amount of disruption to the business needs of our client.
- Provided savings of over $100,000 per month in hardware support costs.
Petabyte NAS Migration
Strata took over a faltering NAS data migration project and provided services for the discovery, planning, coordination, change administration and migration of over 1 petabyte of data across 9 legacy Network Appliance 7-Mode clusters to a current single cDOT storage cluster. These legacy storage devices served business critical data to over 20,000 users 24×7 around the world. Downtimes were minimized to fit inside small maintenance windows with over a thousand hosts and hundreds of applications impacted per cluster migrated.
The customer faced the follow challenges:
- Records of which hosts had a particular storage mounted were inaccurate due to the stateless nature of the NFS protocol and the age of the devices involved
- Records of data ownership were inaccurate and out of date due to the length of time since the storage device had been commissioned (> 10 years)
- Mixed use of each storage device meant that downtime planning requirements were difficult to finalize and satisfy each customer group
- Applications dependent on legacy storage were so old that they were not compatible with the destination storage solution chosen
Strata was able to bridge the communication between the end user, the systems administrator and the project manager. There was also a benefit from our interdisciplinary understanding of specific vendor technologies (NetApp ONTap and 7MTT), broad Linux and Unix administration knowledge, NFS and CIFS protocol understanding as well as specific end user application dependencies. This unique set of knowledge and skills allowed us to holistically approach the full stack and was instrumental to the success of this project.
Strata was able to provide the following benefits:
- Completed data migration before the datacenter was shut down and decommissioned
- Retired all target NetApp storage clusters that were end of life or end of support
- Provided savings of $150,000 per month in hardware support costs
- Completed data discovery and clean up of multiple terabytes of unused storage volumes
- Managed risks and project tasks in a manner that resulted in minimal impact to end users
Strata Consulting managed to solve a highly complex storage migration challenge leveraging experience, specific technology expertise, industry best practice principles, and effective customer service.
Leading Subscription Services Company
Security and Compliance Services
In 2011, Strata helped a subscription billing services cloud company build their security program and achieve PCI and SSAE16 (now SOC 1) compliance. The company highly values security and compliance because they handled sensitive PII and PCI data in order to integrate with payment gateway and service providers, as well as work with customers and partners to provide their subscription billing service. Strata was able to work together with the existing small staff of DevOps and IT resources and managers to help overcome their security and compliance challenges.
The near-term challenge was to achieve PCI compliance in three months, while the mid-term was to complete SSAE16 (now SOC 1) within nine months. Although not yet clearly defined at inception, the long-term challenge was to build a security program organization-wide that managed to strike a balance between cost, resource availability, and risk management. This was not easy for a company that did not have full-time security resources and moved at startup speed. This subscription billing cloud provider needed a partner they could rely on to help them meet near-, mid- and long-term security and compliance challenges. Strata consultants stepped up to the challenge.
Strata consultants focused on meeting the near-term objectives to become PCI compliant. Within two weeks, Strata completed a PCI gap assessment and provided a remediation plan to reach their objective of PCI compliance. Strata worked with PCI QSAs to prepare evidence and staff for the audit. Within three months, Strata helped the company achieve PCI compliance. Following that, Strata consultants took a similar approach to preparing and completing a SOC 1 Type II assessment and compliance. Since that time, Strata has provided additional resources to help build their security program to its current state, including recommendation of hiring a full-time CSO and five security staff. Even with the hiring of additional resources, this subscription services company sees the value in retaining Strata consultants to be part of their security team in 2017 and beyond.
Strata helped the company achieve short- and mid-term objectives in 2011 to become PCI and SOC 1 compliant. From there, Strata led efforts to help the company achieve SOC 2 and HIPAA compliance for all services provided. Strata continues to play a critical role in managing security and compliance initiatives and help work with the growing security team to build the company’s security program to a world-class level.
Leading Electric Car Manufacturer
Security Infrastructure Implementation
In 2012, Strata Consulting engineers implemented an enterprise PKI (public-key infrastructure) and VPN solution for a cutting-edge electric car manufacturer within three months. The PKI solution served as the foundation for provisioning secure authentication certificates to the onboard computer on the electric vehicle computers and wireless key fobs. These certificates are used to authenticate car communication over the wireless network and used by key fobs to securely open car doors.
Three months before the company’s electric car rollout, the manufacturer required a PKI solution to issue certificates to cars so that network communication for every electric vehicle is authenticated and encrypted. The solution required authentication certificates be provisioned from a PKI software that supports integration with secure FIPS 140-2 Level 3 HSM and has an open API for integration and automation of provisioning with manufacturing processes.
Based on the goal and objective to have a scalable and reliable PKI solution for their vehicle rollout, Strata defined detailed requirements and complete review of all available solutions for PKI. The key requirement of the PKI and VPN solution is that it is capable of supporting 4 nines (99.99%) availability. To deliver the solution, Strata defined and managed the following phases of the project:
- Discovery and Requirements
- Design and Architecture
- Proof-of-Concept Pilot
- Staging and Manufacturing Demo
- Production Build
- Production Rollout
After a short discovery period, Strata Consulting engineers moved forward with an effective and comprehensive evaluation of both open-source and vendor-supplied solutions. Strata Consulting engineers selected EJBCA from PrimeKey and an HSM solution from Utimaco to design the network and systems architecture. After presenting to the manufacturing, security, and technology teams, the architecture was approved. Strata Consulting engineers worked seamlessly with the staff of the electric car company to build, test, and integrate the PKI and VPN solution on the electric vehicle computers and wireless key fobs.
Strata Consulting engineers led the way for this electric vehicle manufacturer to deploy a PKI and VPN solution that is secure, highly available, and highly scalable. The solution is in operation to this day enabling secure communication between the vehicles and the company network and a suite of entertainment and car services to drivers as well as monitoring services for the car manufacturer.