01. Challenge
– “10 years on the market, time to refresh.”
A client came to us with the idea of rebuilding an existing platform on the market for 10 years. Even though his customers were satisfied with the platform it was hard to maintain and expand. We have partnered with the client as a technology provider and advisor.
Given a Client’s main product is a CRM system, the Client delivers the product as a set of white-label solutions to its own customers. For customers, it is crucial to be sure that their environment is isolated from others and that their data is protected. For our Client, it is essential to scale its infrastructure in an easily predictable way.
After the discovery phase, we decided to:
> Create a new generation of product UI/UX based on years of experience
> Develop a health insurance platform for companies and individual agents
> The key point was to safely migrate data & clients from the legacy system to the new one
02. Solution
In order to develop a new solution, we built it in parallel with the existing legacy system, which continued to be used by our existing clients. Our success hinged on successfully migrating sensitive data to the new system, which took approximately three quarters to accomplish. Our migration strategy enabled us to successfully transfer 80% of our active clients to the new system quickly. Would you like more details on how we accomplished this?
The solution has three layers (aspects):
>Separation of access
>Infrastructure implementation
>Tenant separation
Separation of access is done with AWS accounts. As a result, there are two environments:
> Development. This environment doesn’t contain customer data. All the developers have full(root) access to this environment.
> Production. This environment contains customers` data. A limited number of developers have access to this environment to this environment. All the operations with this environment should be done through CI/CD.
Benefits we are getting:
> Environments are fully isolated
> We control a list of users and their permissions in one place
> We are logging access with cloud trail
Developers can’t directly access production they are forced to implement Infrastructure as code (IaC) and automate all operations.
Infrastructure perspective
Each environment is isolated inside its own VPC. Each environment has an EKS and an autoscaling group attached to the environment. The instances do not belong to the public subnets, so we also need to have NAT.
Set of services specific for a tenant
Redis
Amazon S3
Amazon RDS
03. Impact
Some nubers:
Prospects records – 34 216 928
Users – 10 907
Tenants – 12
> Successful lunch of the brand-new product
> Help to reach product-market fit and evolve technical part accordingly (move to tenant model with migration into Kubernetes)
> Developed optimized search for prospects that accounts for the lifecycle of the lead
> Implemented a custom platform for voice communication via phone from the system
Created a solution for paper and digital mail delivery that depends on the prospects
