Securing a Legal Client's System With No Disruptions

A Full System Upgrade, Without Unpleasant Surprises? Yes, It’s Possible

Case study coauthored by Andrei Ismail, Catalin Andrei and Emma Ungureanu.

Once upon a time, there was a tech-enabled law firm that provided document analyses to the financial services industry. This law firm worked with various parties active in capital markets, analyzing credit agreements and other types of contracts to determine a creditor’s rights and obligations. The firm’s team of experts helped corporate and government clients make informed financial decisions.

One day, the firm realised the application they used to provide insights to their clients was in danger. The application’s underlying components were using old software versions, which made the system vulnerable to both functional failures and security incidents. The firm needed to upgrade this software quickly, and without major disruptions to their activities.

Vitamin Software came to the rescue. With our technical knowledge and communication skills, we built a clear work plan, thoroughly tested the entire platform after each major deployment, regularly shared progress updates with the customer, and applied changes in production only when all issues had been fixed. The result of this work is a success story where Vitamin Software proves that system upgrades can be done without stress and anxiety.

About the Customer

The Vitamin customer in this story is a tech-enabled law firm whose work is related to capital markets. Capital markets are highly complex systems, whose evolution is influenced by the decisions of many interdependent parts. For this reason, it’s safe to say that our customer’s activity is both complicated and fascinating.

So what does this firm actually do? Just like a credit bureau rates individual consumers for creditworthiness when a consumer applies for a bank loan, our customer rates a corporate or government debtor's ability to pay back debt. This firm in particular looks at the agreements and conditions under which one entity has loaned money to another entity on a capital market, and the firm assesses risks that a creditor faces.

With their team of financial and legal experts, the firm analyzes documents, market changes, and competitor activity to help their customers make informed financial decisions.

Customer Challenge: A Car With an Old Engine

Our customer provides a service based on information: high amounts of sensitive data gathered through meticulous yet holistic research, in a highly dynamic environment. And it is our customer’s responsibility to store and process this data under the highest security standards.

The firm’s main challenge was to ensure that the system they used to manage information and deliver analyses to customers remained safe and operational at all times. Think of it this way: just like you need to fix and replace parts on your car every once in a while, the components upon which our customer’s platform was built needed to be upgraded to more recent and stable software versions.

Working with old software versions was risky on multiple fronts. From a functional perspective, the system was no longer receiving updates that fix flaws and bugs, which could have led to a failure of the platform. More importantly, a system lacking these updates is vulnerable to security incidents caused by intentional attacks. For our client, these attacks are a real possibility given the nature of their business.

Our customer needed a technical partner that would upgrade their underlying system components in order to strengthen their platform’s security. Easy. However, the firm often needs to deliver urgent, time-sensitive results to their clients. So the crux of the matter was that a system upgrade had to be done with minimal interruptions to the firm’s activity.

Why the Customer Chose Vitamin

Vitamin had previously worked with this customer to stabilize their system codebase and fix existing issues with the platform’s basic functionalities. But this prior successful relationship did not guarantee that we would be chosen to perform the upgrade. Rather, our reputation and work ethic assured the customer that Vitamin Software would do the job well.

Software upgrades are daunting, because a lot of things can go wrong. If you have ever had renovation work done in your house, then you surely know that constant concern at the back of your mind: “Did the crew measure correctly, will the new furniture fit? What if the walls turn out crooked?”. A system upgrade usually brings the same amount of stress, especially when the client doesn’t know what to expect.

To soothe these concerns, we demonstrated to the client that our team had the right engineering and communication skill sets for this task.

First, we successfully took over and stabilized their system by applying our cloud infrastructure knowledge and security expertise. We also proved capable of reverse-engineering a code base with minimal documentation, a feat we have since undertaken for another customer.

Second, we again demonstrated to this client that we know how to communicate. Working with us, we make sure that clients always know what to expect at all times. We build a work plan upfront and share it with the customer’s team, provide regular status and progress updates, and ensure our work is always transparent. We also understand communication goes both ways, so we never start work until we fully understand the customer's business problem and needs. Put these skills into one team and you get Vitamin: all you need for a seamless upgrade.

The Solution: the Vitamin Shot for a Predictable Upgrade

The system upgrade was a long time coming and the customer knew it. We were familiar with the system technologies and infrastructure, so we knew what needed to be done to perform a seamless upgrade, avoiding major disruptions to the client’s business.

Our engineers worked on strengthening the system’s security from three sides:

  • The operating system for the customer’s servers was upgraded from an old, unsupported Ubuntu version to the most recent version with Long Term Support available
  • The customer’s main application and an affixed project were adapted to run on the most recent PHP 7 version available, rather than a PHP version that had reached End of Life
  • The Python utilities employed by the customer’s application were adapted to work on the most recent Python 3 version instead of unsupported Python 2

These changes involved thousands of semi-automated code modifications, and were accompanied by a thorough testing plan to ensure full coverage of client-facing features. A comprehensive list of test cases was written for all functionalities of the application and results of every test run were tracked, reported, and fixed through pair work between the quality assurance (QA) and engineering teams. This contributed greatly to the customer’s peace of mind, as they could see that we were leaving no stone unturned.

System migrations were performed gradually and a full testing round was performed after each major change. We first deployed and tested the entire application on a local environment, then on a staging environment, and only at the end in production. This way, all bugs and issues were caught before they reached the customer.

After the final release, we monitored application performance for a month. The goal was to catch and fix any issues that slipped through the cracks and ensure that the system will remain stable after it’s no longer in our hands.

Results & Benefits

You know those home makeover TV shows where the owners leave on vacation and come back to a fully redesigned bedroom? That’s basically what we did: We were that team of designers and builders that were left in charge of delivering a whole project without the client lifting a finger. (At least, that’s how this customer said they felt.)

The outcome of our work was a stable, secure system that the customer can use without fear of the system failing or being the target of a security attack. And that’s a big deal when your firm helps corporations and governments understand what to do about their finances.

But the real added value we brought to this project was the limited amount of involvement required from the customer. The Vitamin team was able to take the application, understand how it worked inside and out, upgrade it, test it, and release it back to the customer without any hassle. By keeping an eye on the cadence of commits, on communication within the Vitamin team, and on the testing results, the customer didn’t have cause to worry about the success of this project.

Next Steps

All software requires continuous maintenance for it to remain secure and operational. The kinds of upgrades Vitamin performed will be necessary again, as the underlying components evolve. The customer is planning to continue working with Vitamin on further system improvements and stabilization, to keep up with changes in the industry and in their embedded technologies.


About Vitamin Software

A product development agency, Vitamin Software specializes in taking over your product and taking it to the next level. The customer leads and we drive the product to follow.

Vitamin Software is an Amazon Web Services (AWS) Partner Network Select Consulting Partner and is Cyber Essentials Plus certified. We specialize in building, operating, and maintaining robust and secure products.

Vitamin Software builds bridges: From problem to solution, from difficult to feasible, from impossible to outstanding.
Want to know how?

Choose the best

Still trying to determine if your engineering team is set up for success and if your product is viable?

Book an initial consultation with our team to set the stage for your project's success and ensure its timeliness and quality.