SOC 2 isn’t your problem. It’s your network.

Information security is a reason for concern for all organizations, including those that outsource key business operations to third-party vendors like SaaS and cloud providers. But beware! Don’t let your network be an afterthought when it comes to achieving SOC 2 compliance.

Lightstream’s Chief Strategy Officer Jeff Collins discusses the basics of SOC 2 and offers concrete advice on what to consider when preparing for an audit or undertaking a digital transformation initiative.

On Apple

On Spotify

Cloud FinOps – Saving money or making money‪?

 

Cloud technology has speed go-to-markets in ways unimaginable in the past. With these advances have also come setbacks, such as runaway costs and a breakdown in operational processes. As a result, the Cloud FinOps movement has emerged to bring financial accountability to the spend model of cloud. Lightstream’s Sjon Benson explains Cloud FinOps and how to keep the focus on optimization and performance. He touches on AWS’ gp3 as a use case for harnessing disruptive cloud innovation without blowing the bud.

 On Apple 

 On Spotify

Software Company Achieves International Growth and Ongoing Innovation with Help from Lightstream and AWS

Lightstream Cloud Managed Services gives Entrata the tools to successfully migrate to the cloud and optimize the operational, security and financial aspects of its environment

Business Challenge

Since its inception in 2003, Entrata has prided itself on developing innovative solutions for the property management industry. That innovation is what allows the company to deliver on its pledge to make life easier for property owners, managers and residents. From property management software that simplifies accounting and purchasing to complete automation that enables remote lighting, locks, thermostats, Entrata’s suite of products is as comprehensive as it is state of the art.

Entrata first connected with Lightstream in 2011 as the company’s IT leaders sought to upgrade network connectivity and performance while reducing costs. In the years that followed, Entrata’s IT team came to rely on Lightstream for help overcoming technological challenges and improving the efficiency, reliability and security of their IT operations. As the company expanded and technology evolved, it became evident that moving certain applications and resources to the cloud would be beneficial to the organization and its customers. Migrating from on-premises to the cloud would allow the company to innovate faster and at a global scale.

Once again, Entrata turned to long-time partner Lightstream for assistance with this migration. After selecting AWS as its cloud service provider (CSP), the next step was ensuring that the best practices, tools, expertise, financial incentives and partner ecosystem offered by AWS were implemented to make cloud adoption easier. Lightstream’s extensive experience with the AWS Migration Acceleration Program (MAP) – a comprehensive and proven cloud migration program – enabled its engineers to provide Entrata with expert guidance through the often-complicated process. MAP consists of a three-phase journey that helps customers leverage the performance, security and reliability of the cloud while reducing complexity and costs.

The migration was a success, and Entrata quickly saw the enhanced innovation, elevated customer experience and digital transformation possible within the cloud. Before long Entrata’s director of engineering knew the time was right to migrate even more applications and resources to the cloud. Upon discussing this with his Lightstream representatives, he also understood that there was an opportunity to optimize the financial, technical, security and operational aspects of their current environment.

Solution

As a platinum-level Lightstream Cloud Managed Services customer, Entrata began taking advantage of the tools that ensure the ideal management and optimization of its cloud environment. This comprehensive advisory service also lifts some of the burden off of the internal IT department, as Lightstream’s partnership with AWS and its AWS Advance Consulting certification assists the organization in determining the ideal migration path for its additional infrastructure and applications.

To maximize Entrata’s savings with AWS, Lightstream assisted with the negotiation and management of the company’s contracting for AWS Enterprise Discount Plan (EDP). Additionally, Lightstream adjusted Entrata’s Elastic Block Store (EBS) Provisioned IOPS and EBS-Optimized instances to optimize its storage within Amazon EC2. Provisioned IOPS are an EBS volume type designed to deliver predictable, high performance for I/O intensive workloads, such as database applications, that rely on consistent and fast response times. Ongoing management assures that the IOPS are periodically adjusted according to the organization’s actual needs and avoids overprovisioning.

Business Outcomes

The ongoing optimization of the operational, security and financial aspects of Entrata’s cloud environment is currently saving the company approximately 20% of their total AWS spend per month. Quarterly meetings between Lightstream and Entrata allow the teams to come together to review infrastructure performance and provides the company with ongoing recommendations on what actions can be taken to continue to save money and enhance efficiency and security.

Entrata has steadily grown from a software development startup to a successful user experience organization offering a full suite of services that takes the complexity out of property management. Throughout the years, the company’s relationship with Lightstream has evolved from that of a basic vendor/client exchange to a true technology partnership.

Entrata is currently expanding into international territories, a growth strategy that has been made possible due to its cloud infrastructure. Despite the economic downturn of 2020-2021, Entrata has continued to flourish and increase business. One opportunity the organization may want to consider in the near future is to migrate its gp2 volumes to Amazon’s new gp3 volumes, which are the next-generation general purpose SSD volumes for EBS that would enable Entrata to provision performance independent of storage capacity and take advantage of up to 20% lower price-point per GB than its existing gp2 volumes. As the organization moves forward in its cloud journey, Lightstream is standing by to help the company achieve continued innovation and growth.

Award-Winning California School District Provides Students and Families with Continuous Access to School Resources in Azure

Lightstream helps Twin Rivers Unified School District implement the power of Azure cloud computing for its parent portal

Business Challenge

Twin Rivers Unified School District is the 27th largest public K-12 school system in California, serving nearly 27,000 students in northern Sacramento County at 52 school sites. With a long list of honors and accomplishments for its students, teachers, staff, schools and programs, Twin Rivers prides itself on an unwavering commitment to its community.

One of the primary methods of communication between the district and the families it serves is its parent portal. The Aeries Parent Portal is a website and app where parents and guardians can track student assignments, see grades, exchange information and messages with their student’s teachers and school, and make payments to their child’s in-school meal account. Parents need access to this portal on a daily basis, but when internet access or power went down at Twin Rivers’ main site, portal access would also be suspended.

The administrators at Twin Rivers understood that they had to find a way to ensure uninterrupted portal access to families. The district’s manager of network and systems operations knew the answer was in the cloud, so he attended Microsoft Azure’s Cloud Foundation Workshop hosted by Lightstream engineers and architects. There he gained a fundamental understanding and best practices for deploying and managing applications and services in the cloud as well as insight into the valuable solutions and tool sets available to Twin Rivers.

Solution

Lightstream’s extensive experience providing educational institutions with the tools they need to keep their systems up, running and secure regardless of external factors proved valuable to Twin Rivers. The district held follow-up consultations with their Lightstream team to discuss the deployment of Active Directory Federation Servers (AD FS) within Microsoft Azure. AD FS provides simplified, secured identity federation and Web single sign-on (SSO) capabilities. A global load balancing service could seamlessly reroute portal traffic through MS Azure in any instances where traffic is not able to pass through on-premises servers.

This would enable users of the parent portal to login using on-premises credentials and access all resources in cloud – even if power or internet access is lost at Twin Rivers’ main site.

Business Outcomes

Since early 2020, Twin Rivers’ highly available AD FS infrastructure has ensured uninterrupted access to portal resources and services both on-premises and in the cloud. The solution is easily scalable, so should Twin Rivers require additional performance, it can migrate to more powerful machines with just a few clicks in Azure. Moreover, Azure’s simplified infrastructure management options provide the district’s manager of network and systems operations with an easy and hassle-free method for maintaining solution redundancy.

Twin Rivers is realizing the benefits of cloud computing and its ability to help the district deliver on its mission to facilitate effective and powerful communication practices that build trust and support for its students, families, teachers and staff. The AD FS cloud infrastructure offered a relatively easy solution to Twin Rivers’ portal access challenge, but as the K-12 industry is evolving to become more collaborative, student-centric and data-driven, the district may soon find itself in need of more extensive optimization of its IT systems and platforms.

As the district moves forward in an ever-evolving industry, Lightstream is prepared to draw on its broad educational technology expertise to ensure that Twin Rivers doesn’t just survive but thrives with the support it needs for future innovation and transformation.

Contact Information

To learn more about how Lightstream can help you identify, understand and implement the optimal solutions you need to modernize operations and build your institution’s roadmap to the future, visit www.lightstream.tech.

 

A Large Design-Build Construction Company Saves Azure Cloud Migration with Help from Lightstream

Security gaps threatened the company’s cloud migration, but crisis was averted with services from Lightstream.

Business Challenge

A desire to stay innovative, modern, and operationally effective—three critical attributes in today’s competitive construction industry—led a large design-build construction company in the Midwest to explore the cloud. The company’s IT leadership team chose Microsoft Azure as their platform and purchased Prisma Cloud, a multi-cloud security offering from Palo Alto Networks, to provide added security protection for their cloud environments.

Once its Azure environment was implemented, the company began migrating applications. The team’s goal was to move as many applications as possible to the cloud, knowing some applications would have to remain on-premises, and their operating environment would result in a hybrid configuration.

After months of moving applications and deploying them into production, however, the company discovered problems. A security assessment revealed there were serious security gaps in the way Azure and Prisma Cloud had been implemented. If not addressed, the gaps would allow external entities to gain access to their environment, leaving the company’s systems vulnerable to breaches. This forced the company to stop its cloud migration and move applications back into its own data center.

Solution

With its cloud migration on hold, the company looked for a solution to solve its security problems and contacted Lightstream for help.

Once engaged, Lightstream Azure Cloud experts began gathering information. They reviewed the company’s business requirements, technology environment (infrastructure, data services, security landscape, application portfolio, and operations tools), and processes to gain a clear understanding of the company’s operating environment.

Next, the team evaluated the company’s existing Azure environment. They reviewed the company’s core cloud configurations, standards and governance, identity and access management (IAM), network interconnectivity, security, and monitoring, provided recommendations for changes to address issues, and then created an operational run-book with as-built documentation.

The next step was to review the Palo Alto Networks NGFW (next-generation firewall) configuration. The team reviewed the overall design of the appliances, assessed the Azure routing configurations, network placement, and connectivity, and recommended changes to remediate issues and ensure high availability.

The last step was to address the Palo Alto Networks Prisma Cloud implementation. The team evaluated the existing deployment, including policies and settings for resource configurations, user activities, network traffic, and host vulnerabilities, and made changes to resolve problems and ensure the environment operated correctly.

Business Outcomes

Remediation of Security Gaps and Reduced Business Risk

After completing the project with Lightstream, the company was able to eliminate its security gaps. External entities were no longer able to gain access to the company’s Azure environment through the known security vulnerabilities. This increased the confidence in the company’s cloud platform and lowered the risk of security breaches to the organization.

Secure Azure Environment with Next-Generation Firewalls

The company gained a secure Azure environment protected by Palo Alto Networks NGFWs in a high availability configuration. This enabled the company to resume migrating applications safely to the cloud and ensured its firewalls would be resilient.

Successful Prisma Cloud Implementation

With help from Lightstream experts, the company was able to overcome its initial problems and successfully implement Palo Alto Networks Prisma Cloud in its environment. This provided added security protection for the company’s cloud infrastructure and cloud-native applications.

A Large Dairy Co-operative Turns to Lightstream to Help Save Its ERP Migration in Azure

Microsoft Azure and Palo Alto Networks NGFW design and implementation services from Lightstream help the company overcome edge security issues and deploy ERP in the cloud.

Business Challenge

Dairy is a complex, regulated industry. Since the 1930s, the U.S. government has regulated milk prices. Minimum prices are set for fluid milk (based on several factors, including the price of butter, cheese, nonfat dry milk, and dry whey), and all processors must pay it. Different prices are set for milk used as an ingredient in dairy products, though the process is the same: the government sets the price, and processors pay it.

In addition, milk is a perishable product. As a result, the government sets strict standards on its use. Processors are unable to stockpile product to meet fluctuating consumer demand, which in recent years has been shifting to dairy alternatives like oat and soy milk.

These market realities put pressure on dairy processors. To address these challenges, a large dairy co-operative in the Pacific Northwest decided to expand its operations beyond its regional customer base with the goal of becoming a national brand. But to do that, the company first needed to modernize its systems by moving away from its on-premise legacy enterprise resource planning (ERP) system to Microsoft Dynamics 365 to establish a more flexible operating platform.

Midway through the project, however, the company ran into security problems. It turned out the company didn’t fully understand how to implement native cloud security controls available in Microsoft Azure and did not have proper edge security protection in place to satisfy governance and compliance regulations. After months of trying to correct the problem with the help of a 3rd -party firm, the company was unable to deploy its ERP solution and was faced with either seeking additional help or shutting down the project.

Solution

Prior to contacting Lightstream, the company had attempted to implement Palo Alto Networks NGFW (next-generation firewall) in Azure to provide edge security for its users. The company’s IT team was committed to the solution and its capabilities, but they had struggled with the implementation.

Once engaged, the Lightstream team reviewed the company’s requirements. They evaluated the existing Palo Alto NGFW configuration, executed an ingress and egress assessment, developed a security plan for implementing the company’s ERP system in the cloud using Azure native controls and Palo Alto NGFW as the edge inspection point, and architected the design to ensure high availability and resiliency. This was done by performing a customized Cloud Foundation Framework engagement.

After the design was completed, Lightstream built the Azure environment per the design blueprint, including VNets, network security groups, platform logging, and all native security controls. Then, the team implemented the Palo Alto NGFWs in a high availability configuration.

The final step was testing and validation. Lightstream’s Azure Cloud engineering experts helped test traffic flow, routing, and connectivity, as well as security functionality to ensure the solution provided the edge security protection the company needed.

Business Outcomes

Next-Generation Edge Security Protection

The company now has next-generation security to protect its systems. This includes IPS (intrusion prevention system) that examines network traffic to prevent vulnerability exploits, APT (advanced persistent threat) intelligence and detection, and other security capabilities that help keep data safe from cyber attacks.

Successful Migration to Microsoft Dynamics 365

With edge security in place, the company was able to move forward with its ERP project. Now, the company has replaced its legacy ERP solution with Microsoft Dynamics 365, providing the enhanced computing platform the company needs to expand its operation.

Matching Your Value to a Carrier-Support Mode‪l‬

 

Network complexity, industry consolidation and cost compression have affected carrier customer-care levels over the last decade. Lightstream’s Mark Feil decrypts the reasons behind this shifting landscape and outlines concrete steps businesses can take to find the right balance between connectivity, price and customer care.

 On Apple 

 On Spotify

Worldwide Medical Corporation Achieves Significant Growth, Advances in Technology and Cost Savings in AWS

Lightstream becomes an extension of the IT team, delivering ongoing support, savings and optimization of its AWS cloud environment

Business Challenge

This medical corporation is a global developer and marketer of medical devices and software solutions that help advance emergency care and save lives, while increasing clinical and operational efficiencies. At the core of the company’s mission is the commitment to grow by remaining focused, building on their technology leadership and providing unique high-quality products through worldwide distribution.

The company’s IT leadership became aware in 2015 that migrating to a cloud environment would give them the agility and innovation they needed to carry out that mission well into the future. So, they partnered with Lightstream to design and implement their first AWS infrastructure. Soon thereafter the company designated Lightstream as its AWS reseller in order to take advantage of additional discounts the provider was able to obtain for them. For the next four years the company relied on Lightstream to perform quarterly analyses of the company’s cloud performance and provide advice on its technical optimization strategy.

By early 2020, the company’s IT team had become overburdened with the day-to-day management of its cloud environment. Their hands-on approach had become cumbersome and was pulling the team’s focus away from their core mission to build on their technology leadership. On top of that, cloud spending had become exorbitant and they lacked the internal resources to uncover and remedy inefficiencies. The IT management team knew it was time for a change, so they once again turned to Lightstream for help finding ways to overcome these challenges.

Solution

Lightstream’s first recommendation was to enter into to an AWS Enterprise Discount Program (EDP) contract to allow the company to take advantage of additional savings. The next step would be to start utilizing Lightstream’s Cloud Managed Services (CMS) to capitalize on the ongoing optimization of the financial, security, technological and operational aspects of its cloud environment. Entrusting Lightstream to procure cloud services on its behalf and relying on the provider to do some of the heavy lifting in terms of engineering and professional services would free up the IT team to focus on its core competencies. And the recommended Platinum service level contract would essentially add a certified Lightstream cloud engineer to the company’s workforce.

Lightstream created and manages the company’s cloud environment using best practices provided by AWS Control Tower. This ensures a well-architected multi-account environment and the tools to govern AWS workloads with rules for security, operations and internal compliance. Lightstream works with AWS to ensure that the company receives the ideal storage performance and cost, which is currently EC2 Amazon Elastic Compute Cloud – a level that gives the company the ability to rent virtual computers on which to run apps.

Lightstream’s CMS ensures maintenance of cloud-native security controls and provides guidance on overall security as well as comprehensive visibility across its cloud infrastructure. This enables protection for state and activity monitoring, turning insight to action while meeting compliance demands.

Business Outcomes

Ongoing Cloud Optimization

The company’s procurement of Lightstream CMS has allowed it to return its focus back to advancing the company’s technology leadership. Weekly meetings between the company’s IT professionals and its dedicated Lightstream team provide insight into the ongoing optimization of the financial, technical and operational aspects of its cloud environment.

Cloud Cost Savings and GP3 Migration

By entering into an AWS EDP contract, the company saved nearly $200,000.00 in cloud expenses in 2020. Lightstream is currently working with the company to iron out the terms of its upcoming contract renewal, which promises even greater savings for the medical device company in the coming months and years. Lightstream is also upgrading the company to Amazon’s newly introduced GP3 storage volume in order to take advantage of higher volumes at a 20% lower cost.

Supporting Business Growth

The company has achieved exponential growth in the last several years, most recently expanding into Europe and Asia. As it continues to build on its technology leadership and accomplish worldwide distribution of its life-saving products, Lightstream will be there to support the company every step of the way.