Summary
- Customer Since 2015
- Headquartered in San Jose, CA, USA
- Research & Education, Midsize Enterprise
- Rick Doblin, Founder & Exec Director
- Founded in 1986, 501(c)(3) non-profit
Challenge
MAPS needed to keep its website content searchable and available during a complicated migration as well as maintain a secure cloud environment at a reasonable cost.
Benefits
- Resolved vexing security issues that prevented the Google search engine from reaching the proper MAPS web pages
- Reduced infrastructure costs by streamlining business workflows
- Provided sophisticated technical skills not found in-house
Cloud Brigade is Trusted Caretaker of Cloud Environment for Non-Profit MAPS
About MAPS
The Multidisciplinary Association for Psychedelic Studies (MAPS) is a non-profit research and educational organization. MAPS develops medical, legal, and cultural contexts for people to benefit from the careful uses of psychedelics and marijuana. With the belief that everyone has the right to heal, MAPS is developing cutting-edge treatments to transform the mental healthcare landscape globally. The organization is headquartered in San Jose, CA.
Background
MAPS has a collection of websites that are used extensively for access to the clinical research papers hosted on the sites. Additional websites focus on individual objectives of the organization. Cloud Brigade has been managing the server infrastructure and the IT security within the Amazon Web Services (AWS) cloud that hosts the MAPS’ websites and content.
Business Challenges
- Business Bottlenecks – Reorganized and streamlined internal workflows to eliminate bottlenecks
- Irresolvable Complexity – Resolved a security issue no one else could figure out
- Improving Systems and Processes – Did a technology audit and recommended best practices
- Skills and Staffing Gaps – Fill gaps in IT skills and knowledge that MAPS doesn’t have in-house
- Excessive Operational Costs – Optimized cloud infrastructure to reduce costs
Why Cloud Brigade
MAPS has engaged Cloud Brigade as a sort of jack-of-all-trades IT support organization since 2015. The relationship began with Cloud Brigade offering strategic advice and technical assistance on all sorts of IT matters. The engagement evolved to include ongoing technical support for MAPS’ AWS cloud infrastructure, application support for migrating research reports from one content management system to another, security improvements, cloud cost optimizations, and more.
Smoothing the Rough Edges of Website and Content Migration
MAPS is known worldwide as a premier source of technical research materials and studies pertaining to psychedelic substances. Global affiliates are encouraged to access the catalogued research and incorporate it into their own projects and work.
The organization has a vast content management system (CMS) – two, actually – and several websites to store and provide access to the proprietary research reports. Cloud Brigade maintains this cloud-based infrastructure and provides application support around the migration and integration work among multiple websites.
MAPS has been taking a phased approach to rolling out a new content-serving website. The original site uses a CMS called Joomla, and the intention is to migrate the entire website and the content to WordPress. As MAPS’ third party development partners worked on developing and rolling out the new site and migrating the content, Cloud Brigade made sure that affiliates could access the content without having to know which site was currently hosting the content. So, a user could request a specific document, and Cloud Brigade would take that request and route it to the appropriate CMS.
The process is transparent to the user, but the technical work behind the scenes is complex. Cloud Brigade calls it content-based routing. When a user is on the MAPS.org website and requests specific content, there is a server behind that request that has to determine which backend website and CMS to route the request to, whether it’s Joomla or WordPress. Cloud Brigade created and maintains the look-up service to quickly locate the desired content. From there the requested document can be retrieved and served to the user without delay.
“It’s not uncommon for us to support migration efforts like this one,” says Chris Miller, CEO of Cloud Brigade. “As companies work through these transitions of their websites, it’s a heavy lift and it’s very complicated to migrate, and maybe it can’t all be done at once. We provide various levels of support specific to web applications and websites and moving the data around, setting up staging sites and deploying this content-based routing. It’s complicated but it’s an area where our team really shines.”
he third party developer that was attempting to migrate the Joomla site ran into performance issues with the new WordPress site related to the massive amount of content being carried over. Cloud Brigade worked with this developer and provided support to troubleshoot and identify the causes of the extreme performance degradation. “Our team jumped in to help and found the bottlenecks that were causing the performance issues so they could be cleared out,” says Miller.
Software | Services | Partners |
CMS: Joomla WordPress | Cloud Infrastructure: Amazon EC2 (Elastic Compute), RDS (Relational Database Service), Simple Storage Service (S3), and CloudFront | AWS |
Linux, NGINX, PHP | Application Support: Complex CMS migration and integration project | NGINX |
Security: Amazon Virtual Private Cloud and AWS Identity & Access Management | WordPress |
Solving Vexing Security Issues
MAPS has experienced a few challenging IT security issues, including one that baffled other IT contractors serving this client. Bryce Montgomery, Associate Director of Marketing Communications at MAPS, describes an challenging issue that overtook the organization’s website for a while. “Somehow our website got hacked and when people searched for MAPS on Google, the search results would direct people to a bunch of ads for unrelated prescription drugs. It was a frustrating issue for us and only Cloud Brigade could figure out how this was happening and get it resolved.”
“The point of this hack was to sell prescription drugs overseas. Hackers were able to hijack traffic coming into the MAPS.org website if it was referred by a search engine such as Google,” says Miller. “Instead of reaching the MAPS website, the user would be sent to some foreign website selling prescription drugs. Making it worse, Google indexed the MAPS website and the index was picking up these redirections. The problem went on for some time until MAPS discovered it and notified us.”
Cloud Brigade figured out how this was happening and resolved the initial issue, but Google still had the incorrect indexed pages. “We had to clear that index,” says Miller. “It was tedious to extract all these different page URLs and tell Google to drop their association with the erroneous pages in their index. There was a little bit of a whack-a-mole game going on in that we made an initial purge and then we had to go back again over time. Hackers are ingenious in covering their tracks to keep from being fully discovered.” Cloud Brigade doggedly stayed with the issue until they discovered precisely how the hackers got into the system and hid their tracks. From there, total eradication of the problem was possible.
In another scenario, MAPS was experiencing a lot of spam on their request forms to access the research reports. Cloud Brigade set up a layer of bot screening on the forms using CAPTCHA and added additional security layers for both the live websites and the staging site to tightly restrict who can access the website. “This extra login layer ensures we are properly screening the people who are logging into our services and that they can only get to what they are properly authorized to access,” says Montgomery.
Optimizing the Cloud Environment and Ensuring Business Continuity
Cloud Brigade manages MAPS’ server infrastructure and security within the AWS cloud environment. “A common service we like to provide to our customers is an assessment of their infrastructure to see if there are ways to improve the configuration to reduce costs or improve security. This isn’t to say the infrastructure was set up wrong, but technology changes frequently, and we want to keep things current,” says Miller of Cloud Brigade. “We conduct an audit and make recommendations and suggest best practices according to today’s standards.”
When Cloud Brigade looked at MAPS’ cloud infrastructure, they saw there were things that could be done better to optimize costs. For example, they broke up some of the internal resources to better distribute the load across multiple systems. They implemented a lot of DevOps-related technologies such as system monitoring to get alerts if thresholds are reached in order to be proactive to resolve issues before they become real problems. “We’ve streamlined some of their workflows,” says Miller. “We did some reorganization and eliminated inefficient systems and processes for better business workflow.”
Cloud Brigade also set up a backup routine to ensure that the research content as well as the files used in developing the websites are easily recoverable in the event of some sort of unexpected disaster or failure. “We implemented a daily snapshotting process of the web applications and their databases so that if – or when – there is an issue, we’re able to quickly restore those files without having to resort to restoring an entire server image,” according to Miller. “It allows us to address the restoration need, which does come up periodically, in a more efficient manner. That makes it easier on everyone involved because we can respond quickly and there’s less downtime and less negative impact on the development team.”
Looking to the Future
Cloud Brigade is encouraging MAPS to implement identity management as part of their infrastructure. “We’d like to have a central source of management for the user accounts for their server infrastructure,” says Miller. “This could extend into the overall organization with their laptops and other devices used within the organization. It’s just one more way to enhance security and control.”