Elevating Operational Control: How DoiT and Google Empowered Optessa for Industry Compliance Success
Meet Optessa
Optessa, a division of Eyelit Technologies, is a global leader in Advanced Planning and Scheduling (APS) software, revolutionizing manufacturing coordination. Headquartered in Edmonton, Canada, with additional offices in the US and India, Optessa’s comprehensive solutions, backed by patented algorithms, guarantee mathematically precise results. Manufacturing’s complex web demands coordination and Optessa’s APS platform provides an unparalleled foundation. The platform adapts to diverse challenges without extra coding, offering planning, sequencing, and scheduling solutions that outperform competitors. With seamless integration into existing systems, Optessa ensures optimal efficiency. Its web-based platform, agile implementation, and global success attest to Optessa’s commitment to delivering unmatched customer satisfaction since its founding in 2001.
The Challenge
Optessa faced a significant challenge in preparing for SOC2 compliance, necessitating direct, audit-ready control over its Google Cloud production environment. Because it was managed by a third party, this setup posed obstacles to meeting compliance standards by limiting visibility and slowing remediation. Overcoming those obstacles required the migration of critical products and resources, such as VMs and Load Balancing, back under Optessa’s organizational control with standardized IAM and centralized logging to evidence controls. This shift not only ensured more direct oversight, but also demonstrably aligned operations with the stringent security and operational requirements of SOC2.
Understanding the complexity of this migration and the need for low-disruption, sequenced execution, Optessa turned to DoiT. DoiT’s cloud optimization and migration expertise was paramount to start working on the project to re-establishing control over Optessa’s production environment with clear ownership and accountability.
The Solution
In addressing Optessa’s challenges, DoiT and the Google Cloud teams embarked on a structured, audit-conscious journey to ensure a robust solution. The process began with collaborative discovery sessions, bringing all stakeholders together to comprehensively assess needs and potential risks. DoiT’s in-depth analysis of environments involved meticulous inventory checks and rigorous verification of marketplace products, including identifying and rectifying policy drift and undocumented exceptions.
Following the initial discovery phase, DoiT presented a detailed migration plan, outlining precise steps for both parties. The team directed the third party involved, addressing concerns related to IAM permissions and providing troubleshooting support.
Throughout the migration, DoiT maintained active coordination with Optessa, offering clear directives for initial preparation and running dry-runs to de-risk the process. In an added layer of assurance, DoiT played a crucial role in Quality Assurance (QA), ensuring that the migration met Optessa’s immediate requirements and left audit-ready evidence aligned to the stringent standards of SOC2.
The emphasis on SOC2 compliance underscored DoiT’s commitment to enhancing Optessa’s security posture. The culmination of this collaborative effort was marked by a comprehensive final sign-off, complete with updated runbooks and ownership maps, reflecting DoiT’s dedication to delivering a solution that not only resolved immediate challenges but also positioned Optessa for sustained operational excellence and regulatory compliance.
The Results
Optessa has achieved a transformative outcome with its production environment and resources now securely residing under its organizational control, reducing dependency on third parties and clarifying accountability. This shift ensures enhanced oversight and positions Optessa for future challenges, notably shortening evidence-collection cycles and streamlining preparations for the impending SOC2 audit process. The successful collaboration with DoiT has yielded a resilient and compliant infrastructure, improving change velocity without sacrificing control, aligning seamlessly with Optessa’s commitment to operational excellence and robust security measures.
What's Next?
With control reinstated, Optessa stands well-prepared to navigate the complexities of future audits, operationalizing compliance via codified runbooks and governance rhythms, ensuring the longevity of its optimized and secure operational environment.