Cloud Migration

A county in Maryland faced issues with its website, such as slow website performance, outdated network infrastructure, increased calls to the customer support team, and a high impact on the website’s user experience. The county wanted to improve the user experience on the websites by eliminating these issues. Infojini was involved in analyzing the risk of its architecture, improving security, and migrating its website by complying with all security requirements using Amazon Web Services.

As part of the cloud migration project, our team was responsible for migrating 15+ websites from existing on-premises hosting to Amazon Web Services (AWS), adhering to HIPAA regulations. Along with migration, we set up website security using a web application firewall on hosting servers, emails, FTP, and multiple environments, such as development, testing, and production environments. Our project approach included:

Migration & Environment Setup

• WordPress and Joomla CMS set up on servers, Apache webserver configuration, Email setup, FTP setup
• Migrating the website and database files to the cloud environment
• QA testing of the migrated website
• Domain redirection to the cloud-hosted servers

Performance & Availability Improvement

To make the website highly responsive to user load, we deployed the following solution:

• Application load balancer to have a server backup
• Varnish cache to render web pages from cache to speed up performance
• Distributed architecture involving an RDS (database server)

Web Application Firewall Setup

Using the following features, we implemented a web application firewall with security rules to prevent cyber-attacks:

• IP-based traffic filtering – If there are unusual hits from an IP address within a time span, the IP address gets blocked
• Geography-based traffic filtering – User traffic outside the United States is blocked

HIPAA Security Setup

We implemented HIPAA security configuration for one of the county websites, which has personally identifiable information. We implemented the following system configuration for this setup:

• VPC (Virtual Private Cloud) – Any external IP doesn’t have direct access to the systems within the private cloud
• Encryption of data at rest using SHA-1 encryption
• NACL (Network Access Control List)

Ongoing Maintenance

• Automated monitoring for system uptime and email alerts for fault notifications
• 24/7 support for resolving issues with websites and hosting support

Please find out more about how we did it.