Success Case Category: Migration

Expert Communication Systems

About Expert Communication Systems

Expert Communication Systems specializes in creating labor training platforms. In this project, their mission was to bolster the security of a platform for one of their clients. Notably, the primary beneficiary of this project was Expert Communication Systems’ client, with Expert Communication Systems acting as the intermediary between DinoCloud and the end client.

EC Systems’ website

The journey of Expert Communication Systems with DinoCloud began organically, sparked by a shared passion for cloud engineering within the tech community.

Security Enhancement for a Client’s Platform

This project emerged from genuine human interaction, highlighting the power of connections within the technology field. Unlike traditional client relationships, it was born from conversations between professionals in the same technological community, driven by their mutual commitment to excellence.

Expert Communication Systems had developed a web application in JAVA XML/XSL hosted on their own Windows servers. The client requested to migrate this application to the cloud, driven by stringent security requirements. DinoCloud’s role was to ensure the security and regulatory compliance of the cloud infrastructure.

The client’s requirements included:

  • Security Regulation Review: Examination of security regulations specified by the client to assess their implementability on AWS.
  • InfoSec Architecture Design: Crafting an architecture that aligns with InfoSec regulations.
  • Implementation: Deployment of the architecture, preparing it for application migration.
  • Application Migration: Moving the application to the AWS cloud.

The client required regulatory compliance, specifically in InfoSec, where their in-house team needed more expertise.

A Three-Stage Journey

The project unfolded in three distinct stages:

  1. Evaluation/Discovery: During this phase, a comprehensive evaluation revealed that specific security regulations, initially designed for on-premises environments, were unnecessary for migrating the application to the cloud. DinoCloud provided the client with official AWS documentation justifying these exclusions.
  2. Architecture Design: Collaborative discussions between DinoCloud and Expert Communication Systems’ engineering team provided insights into the application’s functionality and service requirements. Based on this information, DinoCloud designed a solution centered on Amazon ECS (Elastic Container Service) and Docker images for application deployment.
  3. Implementation and AWS Migration: The final stage involved a thorough InfoSec regulatory review to ensure readiness for production. The application seamlessly transitioned from a testing environment to a production environment.

AWS Services deployed in this project

  • Amazon ECS: Container orchestration for application deployment.
  • Amazon ECR: Repository for Docker images.
  • Amazon EFS: Shared file storage.
  • AWS Network Firewall: Network security and filtering.
  • AWS CloudTrail: Audit and monitor AWS account activity.
  • Amazon CloudWatch: Monitor AWS resources and applications.
  • Amazon GuardDuty: Threat detection service.
  • AWS Config: Assess, audit, and evaluate AWS resource configurations.

Results

The collaboration between DinoCloud and Expert Communication Systems led to remarkable outcomes:

  • Streamlined Security: The architecture design and implementation ensured compliance with InfoSec regulations, enhancing overall security.
  • Cost-Effective Solution: Unnecessary security measures, initially designed for on-premises environments, were excluded, resulting in cost savings.
  • Smooth Migration: The application transitioned seamlessly to the AWS cloud, meeting all security and compliance requirements.

Expert Communication Systems’ journey began with enhancing security for their client’s platform. Through DinoCloud’s expertise, they achieved a secure, compliant cloud environment that met InfoSec regulations, ensuring the success and safety of their client’s operations.

Conclusion

The project exemplifies the power of collaboration and expertise in achieving robust cloud solutions. DinoCloud’s partnership with Expert Communication Systems enabled the creation of a secure and compliant cloud environment, illustrating how technology and human connections can shape a secure future in the cloud.

Success Stories – Modo #2

Success Stories – Modo

About MODO

MODO is the first Argentine wallet that implements, together with banks, discounts for purchases with immediate refunds to the user’s bank account. In addition, it integrates all payment methods, accounts, and bank discounts in one place.

MODO website

MODO, a pioneering digital wallet collaborator with financial institutions that offer instant cashback rewards, integrated payment methods, and exclusive banking promotions, has chosen AWS as its operational foundation. Committed to providing safe and smooth financial services, MODO partnered with DinoCloud for two important projects to strengthen and optimize the security of its AWS environment, aligning with the high standards of the AWS Financial Services Competency.

Strengthening AWS Infrastructure for Secure and Reliable Financial Services

The first step involved a thorough review of MODO’s live production environment’s security framework. The main goal was to ensure strict adherence to security best practices and regulatory requirements in the financial sector. Key areas included workspace security, database management, encrypted backups, access control, and governance mechanisms.

The second project focused on examining a staging environment, specifically aiming to comply with the Payment Card Industry Data Security Standard (PCI DSS). This validation was essential before moving the staging environment into production to seamlessly introduce an advanced virtual wallet offering.

DinoCloud approached these challenges with a comprehensive security assessment approach. They created a custom application for the initial project, using open-source tools to carefully assess MODO’s infrastructure against top AWS security standards.

This application produced detailed findings and summarized results in an executive report, utilizing Open AI’s capabilities. Additionally, a manual evaluation was done alongside the automated analysis. The same application from the first project was skillfully adapted for the second project to evaluate the new infrastructure’s alignment with PCI DSS requirements.

The first project involved a thorough evaluation of MODO’s existing infrastructure, resulting in a detailed security report that highlighted potential vulnerabilities and compliance gaps without immediate solutions. In contrast, the second project aimed to assess the new infrastructure’s strength in meeting PCI DSS compliance standards.

Conclusion

Both efforts provided MODO with valuable insights into the security of their AWS environment. The comprehensive security assessment reports helped MODO identify potential weaknesses and compliance issues, allowing them to proactively address and improve security procedures. With a clear understanding of their security status, MODO is ready to offer their growing customer base secure, reliable, and PCI-compliant financial services, reinforcing their position as a leader in the financial services industry.

Unleashing growth potential for Buenbit with DinoCloud and AWS

Unleashing growth potential for Buenbit with DinoCloud and AWS

About Buenbit

Buenbit is a smart investment, savings, and credit platform that allows users to buy crypto and earn daily returns. It has more than 700,000 users in Latin America and more than five years of experience in the fintech industry.

Buenbit’s website

Buenbit faced the dual challenge of migrating its workloads from Google Cloud to AWS while optimizing costs. DinoCloud proposed implementing AWS Elastic Kubernetes Service (EKS) and migrating the workloads as microservices to achieve a seamless migration. The event-driven model was also transitioned to AmazonMQ, replacing the existing queuing mechanism in Google Cloud.

Unleashing growth potential and cost reduction for Buenbit with DinoCloud and AWS

Buenbit, a greenfield startup, relied on Google Cloud as its primary cloud provider. However, they recognized they needed to leverage the vast range of technologies and services offered by AWS to drive innovation and cost optimization. AWS had been working closely with Buenbit, showcasing the potential for improving their cloud infrastructure through credits provided via the “Activate” program.

Recognizing the opportunity to enhance its cloud capabilities, Buenbit embarked on a cloud migration journey and sought a trusted partner to assist them. After careful analysis, Buenbit selected DinoCloud as their preferred technology partner for their ambitious migration project.

DinoCloud provided comprehensive migration services to Buenbit, covering various essential tasks for a smooth transition. We conducted an Active Automation Assessment to identify automation opportunities and developed modular infrastructure code for streamlined deployment.

Using AWS Database Migration Service (DMS), we seamlessly migrated staging environments to AWS. DinoCloud facilitated the migration of GitLab runners to AWS ECS and implemented AWS Control Tower for centralized governance and resource migration. We orchestrated the smooth transition of staging services and migrated operational and production environments to AWS.

DinoCloud also developed a comprehensive Disaster Recovery Plan and conducted a thorough architecture review, implementing remediation plans based on the Well-Architected Framework. Overall, we ensured Buenbit’s successful migration to AWS with optimized infrastructure and operational excellence.

Results

The collaboration between Buenbit and DinoCloud yielded impressive results, transforming their cloud landscape and unlocking significant benefits:

  1. Cost Reduction: By migrating from Google Cloud to AWS, Buenbit achieved substantial cost savings, optimizing its infrastructure expenditure.
  2. Enhanced Technological Capabilities: Buenbit gained access to a broader range of AWS services, enabling them to explore new features and expand their service ecosystem.
  3. Streamlined Infrastructure Code: DinoCloud’s expertise in infrastructure as code development resulted in a more organized, modular, and maintainable codebase. Buenbit now benefits from rapid and effortless infrastructure deployment, ensuring agility and scalability.
  4. Code Consolidation: DinoCloud successfully consolidated the administration code for GitLab integration and Buenbit’s infrastructure code. This consolidation simplified maintenance and facilitated disaster recovery scenarios, enabling quick deployment in alternative AWS regions or accounts.
  5. Replication of Development Cycle: DinoCloud replicated Buenbit’s internally organized development cycle in staging environments, allowing seamless integration with their existing development processes. DinoCloud introduced pipeline improvements and recommended migrating from Kubernetes-based clusters to AWS ECS, enhancing efficiency and code management.
  6. Secret Management Improvement: DinoCloud guided Buenbit in transitioning from a Vault-based secret management implementation to AWS Secret Manager, providing enhanced administration and support.

The successful migration project with DinoCloud positioned Buenbit for future growth, empowering them to scale their services and seize new business opportunities.

AWS Services deployed in this project

  • AWS EKS: Orchestrated the migration of microservices workloads.
  • AWS RDS with MySQL RDS: Leveraged managed databases for data storage and management.
  • RDS PostgreSQL
  • Amazon MQ: Utilized for efficient message queuing in the event-driven architecture.
  • AWS ECS: Administered GitLab runners and managed task definitions.
  • Amazon ECR: Managed Docker images for seamless deployment.
  • AWS Artifact: Streamlined library management for enhanced development efficiency.

AWS VPN: Facilitated authorized access for troubleshooting and support.

Conclusion

Buenbit’s seamless migration to the AWS Cloud, guided by DinoCloud, has transformed its cloud landscape, unlocking substantial benefits and positioning Buenbit for a prosperous future. Through this partnership, Buenbit has harnessed the power of AWS, streamlined its infrastructure, and set the stage for continued growth and success in the dynamic digital landscape.

Sucess Stories – miR Scientific

About miR Scientific

miR Scientific, LLC is a healthcare company committed to transforming cancer management worldwide by providing early and accurate disease detection, characterization, and monitoring. The company has developed the miR Disease Management Platform®, a proprietary, non-invasive platform for the effective management of specific diseases, initially focused on urological cancers. The platform is powered by the miR Sentinel® Prostate Cancer Test, a liquid urine biopsy test that can accurately detect, classify and monitor prostate cancer based on the integration of small non-coding RNAs extracted from urinary exosomes.

miR Scientific Website

DinoCloud, renowned for its expertise in migrating sensitive data to the cloud, was chosen as miR Scientific’s trusted technology partner. By leveraging the power of AWS serverless technologies, DinoCloud aimed to build a cloud-native infrastructure that would ensure secure data handling, scalability, and operational efficiency for miR Scientific.

Harnessing Scalability, Security, and Cost Optimization for Breakthrough Medical Analysis

miR Scientific, a company belonging to the Huminn Group, worked alongside DinoCloud and AWS in a serverless and HIPAA-compliant architecture to gain momentum and scalability with their innovative analysis for the detection of prostate cancer. DinoCloud is a leading company in creating, migrating, and optimizing products deployed in the cloud.

miR Scientific has made a groundbreaking contribution to the health community with miR Sentinel™, a non-invasive liquid biopsy urine test that detects, classifies, and monitors prostate cancer at the molecular level. As miR Sentinel™ rapidly gained popularity across various US states, the need for a cloud environment capable of handling high volumes of file traffic and complying with health-related standards and regulations emerged. This required ensuring secure management of super-sensitive patient data in accordance with HIPAA guidelines.

DinoCloud approached the project progressively, utilizing AWS serverless technologies to ensure HIPAA compliance without burdening miR Scientific with infrastructure management. Critical components of the solution included the development of the Classifier, a web portal for securely uploading test result files. Integration with Okta, an identity authentication solution, enabled controlled data flow from the laboratory to healthcare providers, ensuring data integrity and preventing unauthorized access.

The collaboration between miR Scientific, DinoCloud, and AWS resulted in transformative outcomes for the company’s prostate cancer detection capabilities. The cloud migration and modernization project yielded the following benefits:

  • Scalability: miR Scientific gained the ability to handle patient data seamlessly, scaling from a single patient to hundreds of thousands without compromising performance or security.
  • Cost Optimization: By leveraging serverless technologies and pay-per-transaction pricing models, miR Scientific achieved optimized cost structures, aligning expenses with actual usage and reducing operational overhead.
  • Enhanced Security: The migration to a HIPAA-compliant cloud infrastructure ensured improved data security and regulatory compliance, safeguarding patient information and fostering trust among healthcare professionals and patients.

AWS Services used in this migration and modernization project

To enable the successful cloud migration and modernization of miR Scientific’s prostate cancer detection platform, the following AWS services were utilized:

  • Amazon EC2: Amazon EC2 was crucial in providing managed file storage and efficient data processing capabilities. It ensured reliable storage and retrieval of patient data, facilitating seamless operations throughout the analysis workflow.
  • AWS Lambda: AWS Lambda was leveraged for backend processing and seamless data integration. It enabled the execution of scalable and efficient computations, allowing for real-time data analysis and integration with other systems.
  • API Gateway: API Gateway was pivotal for handling frontend-to-backend request traffic. It provided a secure and reliable entry point for external systems to communicate with miR Scientific’s cloud infrastructure, ensuring seamless data transmission and processing.
  • AWS WAF: AWS WAF was employed to enhance the security of miR Scientific’s cloud environment. It offered protection against web-based attacks and helped safeguard sensitive patient data from unauthorized access and potential threats.
  • AWS GuardDuty: For continuous monitoring and threat detection, AWS GuardDuty was utilized. It provided proactive security monitoring, detecting and alerting on potential security issues or anomalies within miR Scientific’s cloud infrastructure, ensuring the safety and integrity of patient data.
  • DynamoDB: DynamoDB served as the core database technology, facilitating the orchestration and coordination of services within miR Scientific’s cloud ecosystem. It enabled efficient data storage, retrieval, and management, ensuring reliable access to patient records and analysis results.
  • Amazon ECS Fargate: Amazon ECS Fargate played a vital role in container management, enabling scalability and resource optimization within miR Scientific’s cloud environment. It efficiently managed containerized applications, ensuring optimal performance and resource allocation for seamless and cost-effective operations.

Conclusion

The successful migration and modernization project led by DinoCloud empowered miR Scientific to revolutionize prostate cancer detection. With the cloud-native infrastructure built on AWS, miR Scientific is poised to significantly impact the healthcare industry, driving advancements in non-invasive cancer diagnostics and improving patient outcomes.

Sucess Stories – Shake Again

Shake Again moved to the AWS Cloud

Its road to digital transformation alongside DinoCloud

Shake Again is a company dedicated to digital services in marketing and technology. Shake Again is present in 4 countries and continues to grow daily. This recent growth began to generate a new need within the company: to continue offering an excellent service level while meeting the needs of a volatile and expanding market.

Visit Shake Again site

DinoCloud, leaders in the adoption of global innovation technologies and cloud computing, have professional teams with the technical expertise to accompany companies in adopting cloud technologies. Shake Again approached DinoCloud with a need, and after months of work, they now have a cloud infrastructure to deploy their applications.

The challenge of this project was the creation of an infrastructure for the development, staging, and production environments, covering the application, networking, and persistence layers. Implementations were executed for all CI and CD environments using GitLab pipelines. 

This was addressed using automation tools and the deployment of frontend and backend services. On the other hand, a database was created for dev and staging and another for production with database migration execution and cron jobs execution for each environment. Finally, application autoscaling and the implementation of a load balancer were implemented.

Project duration and objectives achieved

The project lasted three months and was divided into five different milestones:

  1. Knowledge of the application and understanding of its components and architecture
  2. Setting up an AWS account and registering for local billing
  3. Application architecture design and validation
  4. Infrastructure deployment
  5. Application deployment

AWS technologies and services used

The following technologies have been used in this project:

  • Terraform: This technology was used to create the different environments required, raising the networking, application, and persistence layers with the services that each layer implies. And the corresponding configurations to save the states of the created resources in an S3 bucket.
  • Git: It is the tool used for the repository version control system and GitLab for git repository management, code reviews, issue tracking, activity sources, storage of both backend and frontend repositories as well as the repository that holds the terraform code. GitLab pipeline for continuous integration (CI) and continuous deployment of services (CD) 
  • AWS: To support all the infrastructure required for customer services.
  • Cli-AWS: For various purposes, such as validating the creation and configuration of AWS resources and accessing ECS containers.

The AWS services that were part of this project were:

At the networking level

  • VPC: To logically isolate our private virtual network
  • Subnet: To logically divide our VPC and to be able to tie resources if we want to have public or private access.
  • Internet gateway: To enable communication between the VPC and the Internet.
  • Nat Gateway: To allow private subnet services to access the Internet, but external Internet services cannot connect to these resources. It only outputs to the Internet.

Persistence

  • RDS Aurora: To support the persistence layer required for storing data generated by MySQL technology applications.
  • Bucket S3: For storage of files sent from different applications.

At the application level

  • ECR: To store all the docker images for each of the services
  • IAM: It was used to manage the different services’ users, roles, and profiles required to perform specific actions on other resources.
  • SG Firewall: To allow traffic in and out to the resource that is tied up.
  • ALB: To create the access point to the ECS services used to distribute traffic and validate the status of the destination points. 
  • ECS: For the definition of the containers that provide frontend and backend services, as well as for the execution of cron jobs.
  • Fargate: Service used as a worker to allow the execution of the containers created by the ECS services.
  • EC2: To create bastions and access to private subnetworks and private RDS. They were also used to create the GitLab runners that support the execution of the pipeline. 
  • CloudWatch: For logging logs generated by the containers.
  • ACM: For the creation and management of SSL certificates.

Conclusion and results

All the objectives were achieved, including implementing the infrastructure for the different environments using the terraform tool, maintaining the management of layers (networking, application, and persistence), and implementing CI-CD to deploy services in each environment. Each branch has a specific runner assigned to it where the pipeline corresponding to the environment is executed. 

Each developed environment was tested by validating the correct deployment of frontend and backend services, as well as the execution of cronjobs and database migration in each of the environments. The HTTP to HTTPS redirection was also validated in the application load balancer implemented for each environment.

Now, Shake Again has a cloud infrastructure that can cope with the recent growth they have experienced. Being able to deploy its applications in the cloud allows Shake Again to expand into new territories and markets, predicting even more significant growth and a faster, more efficient return on investment.

Get in touch

(*) Required fields

Success Stories – Finket

Success Stories – Finket

Performance and security: Finket’s journey with DinoCloud and AWS

C-Tech S.A. is an Argentinian company dedicated to providing financial technology consulting and solutions for companies of all sizes. One of the leading products they have developed is their virtual wallet, Finket. This virtual wallet aims to take its users into the world of digitalization and online banking, allowing them to carry out transactions without leaving their homes.

Visit Finket

DinoCloud, an AWS Premier Partner, has the tools and expertise in the financial world to enhance the scalability and security of financial companies’ applications and products. DinoCloud has several success stories in the fintech world that testify to its technical expertise in developing healthy and, above all, protected virtual environments due to the high sensitivity of the data these companies manage.

The Finket virtual wallet is already deployed on AWS in a secure, reliable, and scalable environment; however, DinoCloud and C-Tech had to overcome some technical challenges to achieve this. These include the following:

  • Validation and verification of the current architecture following Well-Architected Framework best practices.
  • Remediation of risks encountered in tandem with C-Tech.
  • Consulting on AWS environments.

Project duration

The project was developed over six months with a dedication of 80 hours per month (480 total) between 09/01/2022 and 02/01/2023.
It took the active participation of the client and a team consisting of a Solution Architect, a Cloud Engineer, and a Project Manager.

Review and remediation process

For the completion of the project, the following process was used to understand the architecture, evaluate the business’s specific needs and define the risks to which the workload was exposed.

At the same time, as part of the process and working with C-Tech, we prioritize implementing the services and adjustments needed to maximize business value and strengthen the deployed infrastructure. 

1- Customer Assessment

We conducted interviews with the client to achieve a first understanding and approximation of the workload at a technical and business level to be analyzed.

2- Primary Analysis

First analysis of the workload. With access to the AWS account and supported by the preliminary assessment with the client, we could know the infrastructure’s real and most recent status.

3- Secondary Analysis / Well-Architected Framework tool Review

Review through the “AWS Well-Architected Tool” on the defined workload. A milestone was established as a baseline. This milestone will be used to evaluate the improvements achieved at the end of the project.

4- Recommendations by pillar

Based on the best practices recommended by AWS, those associated with high risks are mapped and prioritized according to the remediation effort and the resulting impact on the business.

5- Remediation by pillar

Implementation of the defined recommendations. Generation of a new milestone in the “AWS Well-Architected Tool” considering the implemented improvements.  Evaluation of the final state concerning the initial state.

Improvements implemented

We started with an initial status of 34 high risks, according to the WAF tool. As a result of the project, we were able to mitigate approximately 65% of these risks, achieving a final status of 12 high risks.

The following are the best practices that were promoted and whose compliance was validated by the DinoCloud team in conjunction with those responsible at C-Tech. In addition, the services evaluated, activated, or reinforced during the review of the 5 WAF pillars for the Finket workload are presented.

Deployed AWS services

SecurityIAM Identity Center
AWS Organizations
MFA AWS (Token AWS CLI SSO, Access by SSO URL)
Control Tower
AWS GuarDuty
KMS
S3
Elastic Load Balancing (ELB)
Amazon EBS
Amazon RDS
Amazon CloudWatch Events
IAM
Amazon CloudWatch
Cost optimizationAWS Budgets
AWS Cost and Usage Report 
AWS Cost Explorer
AWS Auto Scaling
AWS Lambda
AWS Cost and Usage Report
ReliabilityService Quotas
AWS Auto Scaling
Amazon CloudWatch
AWS CloudTrail
AWS CloudFormation 
Amazon S3 
Amazon Route 53 (DNS, Health Checkers)
Performance EfficiencyAWS Auto Scaling Amazon
Elastic Block Store (EBS) 
Amazon Simple 
Storage Service (S3)
AWS Lambda Amazon RDS
AWS CloudFormation
Amazon CloudWatch
AWS Lambda
Amazon RDS Amazon
Amazon CloudFront
Operational excellenceCloudformation
AWS Cloudtrail
Amazon CloudWatch

Get in touch

(*) Required fields