In the course of working with varied clients drawn from different sectors of public service and industry, we are able to present the following examples of our work.
Due to the secure nature of some of the sites, we are not able to identify each individual client and the project we performed for them.
Infrastructure for Big Data
The client’s IT department had been mandated to support a system backed by a database that was expected to grow to several thousand times the size of the next largest database they supported. Being a predominantly Microsoft shop and knowing the new database would be Oracle, Achean was tasked to identify and implement a suitable infrastructure to support the new system. There were also notable constraints, particularly on budget.
Despite this, the ambitions the client had for their new platform were high. Chief among them was to multi-tenant the platform with other databases for their legacy systems once the platform was proven. Other than this, they sought to re-use as much existing infrastructure and hardware as possible to keep cost down and to produce a system that could be regarded as ‘best of breed’. They were also concerned about performance.
Achean identified that the client’s existing SAN had sufficient expansion capacity to be utilised within the solution, thereby saving money. On Achean’s advice, Oracle Real Application Clusters running on blade servers was chosen as representing the best way to provide a horizontally scalable solution that could be expanded over time. Red Hat Linux was chosen as the OS.
Achean provided an architectural blueprint for the platform, introduced new technologies and support for the ongoing operations. Training was also delivered to the client’s technical support group.
The platform has been in operation for several years and has met the demands placed upon it. Over time, more databases have been added to the platform, which has been doubled in capacity since go-live.
Interfacing a Human Resources System to a Workforce Management System
A greenfield implementation of a Workforce Management System (WMS) that had already been purchased by the client needed to be interfaced to the legacy HR system. This was a significant challenge for the organisation as the HR system was not based on a relational data model, did not implement transaction and could not identify atomic updates to the information it contained. Thus, there was no way to computationally recognise that any data in the HR system had ever changed. The client was working around this issue by manually entering the same information into both systems. A costly and time consuming process. This presented the client with a major headache, since the justification for the WMS was to generate substantial cost savings based on the HR information being interfaced.
Working with the client we were able to identify a mechanism which enabled an asynchronous process to extract data from the HR system and make a comparison with the data stored in the WMS. A decision engine coded by an Achean consultant was then able to call the APIs for the WMS system to ensure that the data was interfaced successfully. Full monitoring and error reporting facilities were incorporated into the delivery.
Security Assessment for a Confidential Web Application
The client had commissioned a web application to enable customers to place requests and view reports containing very highly confidential and personally identifying information that was likely to be of interest to criminal gangs who may try to subvert security on the system. Knowing of the reputation that Achean has for high security systems, we were contacted to provide assurance that the system was secured against any reasonable threat.
A number of security assessments over a period of several months were planned and carried out based around the well respected OWASP testing methodology. Each assessment began with a network penetration test and a catalogue of the result of these was used to identify a number of further areas for assessment. Each area identified was thoroughly tested using both black hat and white hat techniques against infrastructure and application targets.
The result of these assessments was a substantial report that described:
- potential risks to the security of the infrastructure and web application
- the seriousness of vulnerabilities discovered
- the likelihood of an actual security breach occurring
- what remedial action was required
The client was able to use the report to prove to their customers that they took the security of their data seriously and that they implemented ongoing security reviews, as well as improving security overall.