GDPR compliance and high availability of an e-commerce site through DevOps transformation

Scott Sports is a 60 years old company that develops cutting-edge technology sport’s equipment’s. They early built their e-commerce platform on AWS to support their business need of product distribution, first by being B2B only and now by targeting the B2C channel. This platform have a worldwide presence and support many brands owned by Scott Sports (Scott Sports, Poivre Blanc, Dolomite, … ) which means they now have less downtime windows to manage the platform.

Challenges

“Organization focused on delivering e commerce customization”

“DevOps foundation with many manual activities (e.g. infrastructure, deployment)”

“Product based eCommerce platform powered by SAP Hybris”

“Not yet fully compliant with GDPR requirements”

Our Solution

First we’ve worked with Scott Sport’s technical team to assess the situation, this was done by performing a series of exploratory & projections workshops. Then we’ve exposed to them our recommendations and we built with them a 1 year roadmap achieving their target.

Among the large number of topics covered, the following 3 projects have been successfully delivered :

Mass migrate workloads between regions

During this agile migration that moved all US workload from a US region to a EU region, we had to respect a new constraint that improved the segregation of assets by introducing multiple new accounts, each one dedicated to a specific purpose. We also took advantage of this migration to introduce the usage of CloudFormation and Ansible which helped us having a high level of automation and reliability the moment we were provisioning all the assets.

Implement Cloud Governance for using AWS at scale

The challenge of any company using AWS is to control the cost and the security without limiting the experimentation and the innovation. To do so we’ve initiated a strategy, based on a set of rules we defined, automatically enforced across all the isolated AWS accounts using tags, AWS Config and remediation actions .

Go serverless with DevOps

To ensure a high level of reliability and to be sure that the delivery toolchain is always ready to use, we’ve made use of CodeBuild and their environment custom image feature to build Hybris source code using a Hybris Docker image we’ve built. Then we’ve created the CodeDeploy templates managing the deployment workflow of Hybris’s servers and we’ve used a CodePipeline instances to orchestrate all the steps that deliver the application from the source code to each of the servers in a multi AWS account context.

Benefits

Faster and more reliable release cycle

By leveraging in place agile practices and using the AWS Serverless CICD stack Scott sports divided by 4 the downtime of the ecommerce platform and created an end-to-end delivery pipeline without provisioning or maintaining any infrastructure to support it

GDPR compliance

Scott Sports became GDPR compliant due to the US to EU migration, which improved the data security and resulted in a leaner, more efficient security practice.
This migration has also brought closer the AWS’s assets to the on premise’s assets which improved the global performance of the Scott Sports e-commerce platform by reducing the network latencies.

Control and security over entire infrastructure

With the introduction of CloudFormation, isolation with a multi account strategy coupled to a set of rules enforcing them, Scott Sports is now able to provision their assets very easily and with reliability while having the security and the cost constantly under control

Partners

Need more information ?

Contact our specialists

Contact-us