Engineering firm uses cloud storage to speed file loads, and then unplugs its MPLS net

Moving to Panzura also facilitated the migration from AWS to Azure and helps safeguard against ransomeware

1 2 Page 2
Page 2 of 2

But we’ve ended up going cloud first for just about everything else.  We’re Workday HRIS, cloud-based telephony, cloud-based storage, Azure cloud-based infrastructure for IT, Office 365, so cloud-based productivity software.  For us, it’s pretty much all cloud. It keeps us nimble. There’s always the possibility of acquisitions and partnerships and it makes it easy for us.  Instead of buying hardware we just have to spin up three or four more accounts, or 100 more accounts for email, or this and that.

Is cloud first a mandate from management or is it just the way it works these days?

It’s not necessarily a mandate from management, but being keyed into the direction the company is going, it makes the most sense for us to work that way.

It’s remarkable how fast we’ve gotten to that point, isn’t it?  We talked about it for a long time and now it is simply reality.

It’s all because it’s easier.  We do our due diligence and I’m confident that our vendors can secure our data better than we can.  Long gone are the days when we’re going to win an engineering project because we have better server hardware than somebody else.  It’s all commoditized so why should we worry about managing it?

Given you are an engineering company, I presume the engineering environment represents the bulk of the company’s compute needs?

Rather than saying engineering, I’d say our production environment -- which is engineering and operations and sciences – represents about 80%-85% of our compute, and the rest is back office, finance, HR, risk.

Long term, does Panzura pick up more of your cloud storage needs, or do you end up with multiple silos? 

We have Microsoft OneDrive, and we’re keeping that.  And there’s collaborative storage within SharePoint online.  For us, Panzura is our project and corporate data storage, and it is really unstructured data.  Our SQL databases don’t sit on it, things like that.  We still have needs for other storage and obviously the storage that comes with all the Azure VMs.  This is primarily our corporate and our project documentation storage.

So you end up with multiple cloud silos?

We’re working to reduce that to as few as possible.  We’ve made a conscious decision not to have six different cloud storage vendors or multiple cloud vendors for this and that.  We’re trying to consolidate as much of our infrastructure into as few silos as we possibly can.

Were you a big VMware shop?

Yes, and we still have about 50 servers on VMware in our colocation facility.

What happens to that longterm?

It’s tough for us not to just spin stuff up in Azure.  We need a new server to run an application or do some sort of compute, it gets spun up in Azure.  I think long term our use of VMware will shrink. 

Ok, anything I missed?

There is an interesting ransomware angle.  The company got hit when they were on NetApp before I got here, and in my previous location we got hit when ransomware first came out and we were able to roll back to a NetApp snapshot even though the ransomware had spent the day encrypting thousands of files.  And we’ve since been hit a couple of times and it’s caused some low-grade infections on Panzura, but with scripting and their global snapshots, we were able to restore those files back, not within days, but within hours of infection. We snapshot all of our project data and hold those snapshots for years.  So even if I erased a file and I haven’t seen it for six months, we can go back and find that file in the Panzura system.

How did you get hit?  Was it a social engineering type thing?

We’ve been hit both through social engineering, spear phishing and exploits on websites hitting machines that weren’t fully patched.  We’ve since improved our patching mechanisms and also are working through educational campaigns with end users on how to deal with emails and sites and stuff like that.  It’s very rampant, very rampant.  And the fact that you can get it through browser exploits now just makes it that much worse.   One thing we’ve done is

eliminate drive letters in the network.  We only go by path now.  We’ll see if that helps.

 

Join the Network World communities on Facebook and LinkedIn to comment on topics that are top of mind.

Copyright © 2016 IDG Communications, Inc.

1 2 Page 2
Page 2 of 2
IT Salary Survey: The results are in