Large International Food Importer
An extreme weather event cut this importer off from sources and clients worldwide. We rebuilt their entire platform in Microsoft Azure — and downtime effectively disappeared.
For years, this large international food importer felt confident with an internal network and on-premise server room: domain controllers, an aging SQL cluster driving their import/ERP system, and file servers holding customs and compliance documentation.
Their vulnerability became apparent when an extreme weather event knocked out power and WAN connectivity to the building — cutting the company off from suppliers and clients around the world for days. Orders froze mid-transit, customs filings slipped, and every hour offline carried six-figure exposure across perishable shipments.
“The storm that used to be an existential threat is now a non-event. Our team worked from home while the neighborhood was dark — orders never stopped.”
The approach
Discovery & risk mapping
Two-week assessment of every workload: dependency mapping of the ERP/SQL stack, RPO/RTO targets per system, bandwidth profiling, and a cost model comparing on-prem refresh vs. Azure.
Landing zone & security design
Designed an Azure landing zone with hub-and-spoke virtual networks, Entra ID with Conditional Access and MFA for all users, and security policies protecting every endpoint before a single server moved.
Phased migration
Lifted the SQL environment to Azure SQL Managed Instance, rebuilt file shares on Azure Files, published apps through Azure Virtual Desktop, and connected the warehouses with site-to-site VPN plus per-user P2S for travel. Cut-over ran over a weekend with parallel-run validation.
Protect & operate
Layered on Exchange Online Protection with cloud spam filtering, Defender for Endpoint EDR, immutable cloud backups, and a tested disaster-recovery runbook. NetSys monitors the environment 24/7 and responds to issues as they arise.
- Azure Virtual Machines (Dsv5)
- Azure SQL Managed Instance
- Azure Files
- Azure Virtual Desktop
- Entra ID P2 + Conditional Access
- Multifactor Authentication
- Defender for Endpoint (EDR)
- Exchange Online Protection
- Immutable cloud backups
- Site-to-site + P2S VPN
The results
Q4 '24 spike is the storm event that triggered the migration. Post-migration downtime reflects two brief, planned maintenance windows.
View data table
| Downtime (hours) | |
|---|---|
| Q1 '24 | 26 |
| Q2 '24 | 31 |
| Q3 '24 | 19 |
| Q4 '24 | 38 |
| Q1 '25 | 3 |
| Q2 '25 | 1 |
| Q3 '25 | 2 |
| Q4 '25 | 0 |
More case studies
Start with a free assessment — or the pen test.
Every engagement above began the same way: an honest look at where things stood. Take a scored assessment online, or book a free on-site penetration test and see your environment the way an attacker does.
