Softcat’s Cloud Native Engineering To Support CDP With Its Global Environmental Impact Disclosure Platform :: Softcat
Skip to main content

Login to eCAT

Customer Support
Contact Sales
Case Study

Softcat’s Cloud Native Engineering To Support CDP With Its Global Environmental Impact Disclosure Platform

Solutions Provided

Industry

Share Case Study

Carbon Disclosure Project (CDP) is a not-for-profit charity that runs the global disclosure system for investors, companies, cities, states and regions to manage their environmental impacts. The world’s economy looks to CDP as the gold standard of environmental reporting with the richest and most comprehensive dataset on corporate and city action. To support such growth compounded by the critical business task of measuring, managing and reporting risks and opportunities on climate change, water security and deforestation, CDP embarked on a new initiative 18-months ago to re-design its platform.

The Challenge

To manage the meteoric growth with its global platform, CDP established a strategic initiative to build the next generation of its platform, in Microsoft Azure.

This journey began with an incumbent global managed service partner, but hidden costs and responsiveness caused CDP to halt the new build mid-way through the project.  At this point, the existing relationship with Softcat resulted in a conversation around Softcat’s capabilities to assume responsibility for the project and resulting service.

While Softcat has a highly repeatable model for assuming responsibility for existing cloud environments, some initial critical discovery was required to determine the state of the build and adapt the standalone code build for the new CDP environment into something that was truly scalable.

During the initial engagement, it was also highlighted that there was need for not only 24x7x365 PlatformOps but also integrated SecOps.

Lastly, there was a particular emphasis on cost, as while the existing platform was small in use, it was expected that changes in the CDP business model, coinciding with the new platform release would result in exponential growth.  This it was fundamental to ensure the platform itself was scalable but closely monitored for cost usage.

“The future of our business was dependant on the ability to release a new scalable and efficient platform.  But at a critical point in this release, we released our incumbent partner was no longer the right fit for our business.  Softcat were immediately on-hand to provide advice and offer solutions as to how we could proceed.  Their proactiveness meant the project was back on-track with our new found confidence to get it released.” Andrew Gilbert, Director of Enterprise Systems and Technology, Source BioScience

Key facts

• Global environmental impact disclosure platform

• Over 700 Capital Market Signatories representing more than US$142 trillion in assets requested companies disclose through CDP on climate change, forests and water security

• Over 23,000 companies representing two thirds of global market capitalization reported through CDP on climate change, forests and water security

 

The Solution

Based on the initial engagement, there were two clear objectives; firstly, review the state of build to date then finalise the build followed by onboarding the new platform into Softcat’s 24x7x365 PlatformOps, ensuring a code first approach for ultimate scalability.  Secondly, support CDP with the design, integration and 24x7x365 SecOps for its new Azure platform leveraging Microsoft Sentinel.

On this basis, a programme team was formed, combining a project manager, lead site reliability engineer, Architect and lead cyber engineer.  A plan was structured to focus on the first objective as the priority, but with a summary of both workstream deliveries as follows:

· Azure Platform review, build completion and onboarding into a Softcat Managed Service / PlatformOps; the build to date was as a code first deployment but in lots of cases not fully templated or designed for scale.  Softcat reverse engineered this into its standard including Terraform for Infrastructure as Code, with GitHub to automate deployment workflow through a series of CI/CD pipelines.  Some minor improvements (security, architecture, reliability, commercial) were identified and remediated as part of the resulting onboarding into the Softcat Managed Service.

Post go-live into Softcat support, the aligned Softcat Architect and engineering team have supported CDP with several further project engagements including Azure API Migrations (due to Microsoft service deprecations), disaster recovery and data platform design.

· SecOps Onboarding; as above, as a follow on engagement, several sources were identified to ensure overarching 24x7x365 security operations.  Initial scope identified Microsoft Sentinel as the optimum fit and aligned to the standard applied via Softcat’s 24x7x365 SecOps service.  Onboarding including configuring of the platform and sources was completed with a smooth handover into live support.

“The journey with the customer was fast paced and exciting on multiple levels. We had tight timelines to help the CDP transition away from an incumbent partner, while meeting go-live dates for their new platform and managing multiple Azure engineering and cyber security workstreams. The result is a thriving partnership where our teams are enthused about working together.” - Matt Larder, Head of Cloud at Softcat.

 

Highlights

• Integrated 24x7x365 Azure PlatformOps and CyberOps

• Code first, fully automated deployment of global SaaS platform platform

• Ongoing architectural oversight to help shape new projects (DR, Data) in line with best practice and operational efficiency.

 

The Benefits

The key results are:

• A highly automated and standardised Azure platform with a Softcat 24x7x365 managed service for PlatformOps and SecOps to ensure continuous and proactive governance (architecture, commercial, security and reliability).

• A future-proof platform leveraging market leading tools and process for infrastructure as a code (IAC) and automation pipelines.

• Adoption of Softcat standards for IAC misconfiguration scanning and compliance automation, including Microsoft Azure Policy enforcement via Softcat tailored policies based on the Azure Security Benchmark.

• Aligned engineering and architecture resources to support the future needs of CDP as the platform evolves, matures and grows.

• Integrated FinOps function to govern the cost of Azure against the 6x increase in usage.

“The end-to-end process was extremely efficient, including the engineering of our new Azure platform, and integrated onboarding into both Softcat’s PlatformOps and SecOps.  Softcat has provided the assurances to support our platform which has seen 6x growth in recent months.  Crucially we’ve found a new partner with Softcat, who have the maturity to flex to our needs as a growing business but the maturity to support said growth with a structured approach”  Andrew Gilbert, Director of Enterprise Systems and Technology, Source BioScience

 

At a glance

• A mature partner to provide 24x7x365 Microsoft Azure PlatformOps and SecOps

• Programmatic provisioning and management of the Azure platform via Infrastructure as Code (Terraform by Hashicorp) and automated pipelines (GitHub Actions).

• FinOps to help govern the cost of Azure against the 6x increase in usage.