Ranking Copilot
AI-driven legal directory automation software
Segment
IT, Software Development, Startup
Location
London, United Kingdom
Timeline
September 2024 - October 2024
Team
Lead DevOps engineer
DevOps engineer
Ranking Copilot’s AI-powered software platform fuses decades of hands-on directory submission experience with the specific ranking criteria and submission requirements of each directory to help law firms and lawyers:
The Need and Challenges
Ranking Copilot received Microsoft Azure Sponsorship and engaged 2Ops to deliver an initial Azure infrastructure setup for a small development team.
The primary request was to create and deploy two isolated environments for staging and production. This setup included the following resources: Azure Key Vault, Azure Container Registry, Azure App Service, Azure Storage Account, and PostgreSQL. Additionally, Ranking Copilot requested the implementation of a Web Application Firewall (WAF) and VPN access to private subnets. This setup included the following resources: Azure Key Vault, Azure Container Registry, Azure App Service, Azure Storage Account, and PostgreSQL.
Additionally, Ranking Copilot requested the implementation of a Web Application Firewall (WAF) and VPN access to private subnets.
The scope of the project also included creating and configuring CI/CD pipelines for both the front-end and back-end to streamline development and release processes. Due to a tight timeline, Ranking Copilot required a specific feature to be developed, tested, and released to production promptly. Furthermore, 2Ops was tasked with reviewing the existing Docker file to optimize its size and performance settings.
Key challenges included the need to meet tight deadlines while adhering to ISO 27001 and SOC 2 compliance standards. The initial infrastructure and pipeline setup were scheduled for delivery within 14 days.
Why 2Ops?
Our decision to work with 2Ops was based on your team’s expertise, clear communication, and ability to align with our technical requirements and timelines. These factors gave us confidence in your capability to deliver the needed results.
What was implemented?
STAGE and PROD Environments
We set up and deployed two isolated environments for staging and production. All resources were configured with private endpoints and private networks. Access to all mission-critical resources were configured with private network and available only through Azure VPN. Application endpoints for the staging environment were secured with Cloudflare Zero Trust and made privately accessible only to the development team.
CI/CD Pipelines (GitHub Actions)
CI/CD pipelines were developed for both back-end and front-end applications. GitHub pipelines were established for building and deploying applications to Azure App Service, publishing Docker artefacts to Azure Container Registry, and managing deployments to STAGE and PROD environments. Security measures were implemented by configuring pull request policies, code owners, protected branches, and branch/release strategies.
ISO 270001 and SOC 2 compliance
Azure Resources were deployed and configured to meet industry best practices and ISO 270001/SOC 2 infrastructure requirements. Predefined standarts were added to Microsoft Defender for Cloud with all requirements and current compliance score. This also included setting up role-based access control (RBAC) using Azure Security Groups, enforcing multi-factor authentication (MFA) for all users, and creating clear access policies for the STAGE and PROD environments.
Threat Prevention
It were configured essential Microsoft Security products, including Cloud Security Posture Management (CSPM) and Cloud Workload Protection (CWP), with features like malware scanning and sensitive data discovery. Additionally, we enabled audit logs across all Azure resources to ensure comprehensive monitoring. Cloudflare Web Application Firewall was also set up, utilizing a combination of custom and pre-configured rules tailored to the technologies in use.
Quality Gates
SonarCloud was integrated as a quality gate for both back-end and front-end repositories. A basic quality gate was established, with plans for further refinement based on team feedback. The integration included adding quality checks to Pull Request pipelines and publishing detailed reports through GitHub pipelines. A demo was conducted to ensure the team understood the setup and how to leverage it effectively.
Setup and Configure the Azure AI Document Intelligence
We were requested to deploy and configure Azure AI Document Intelligence services, which use AI to extract and process information from documents. We have successfully deployed Azure resources to fit business needs. Furthermore, a dedicated session was held with the Ranking Copilot Team to present the basic setup and possible functionality of the service.
Services and Technologies
Technical Team
Project Manager
DevOps Engineer
Security Engineer
Technology stack
Terraform (IaC)
GitHub (CI/CD)
Docker
Azure Services
vNet
vWAN
VPN Gateway
Private DNS
Key Vault
Azure Container Registry
App Service
Azure Storage
PostgreSQL
Microsoft Entra
Microsoft Defender for Cloud
Azure AI Document Intelligence
Integrations
CloudFlare Web Application Firewall (WAF)
Cloudflare Zero Trust
Security Engineer
It’s about changing legal culture.
Benefits for Client
Secure Infrastructure
Private Endpoints, WAF Protection, and NSGs ensured a fortified network perimeter, protecting sensitive legal data and client information from external threats. Secured role-based access with multi-factor authentication and Azure Security Groups, minimize the risk of unauthorized access and data breaches.
Operational Efficiency
The identical setup between Stage and Prod allows for efficient testing and deployment of applications, reducing downtime and minimising errors. Role-based access control simplifies user management and ensures engineers and leads have access to only the resources they need.
Simple Scalability
Effortlessly scale in response to increasing traffic or the addition of new services. This flexibility ensures the platform remains reliable and high-performing as the business grows, allowing it to adapt to market needs and capitalize on growth opportunities while maintaining an exceptional user experience.
Cost Optimization
By leveraging Azure-native services, we have achieved a highly cost-efficient solution that delivers exceptional performance. This approach not only reduces operational expenses but also ensures resources are used strategically, enabling our client to invest more in innovation and growth.
Access Control
By isolating Stage and Production environments and implementing Role-Based Access Control (RBAC), we have ensured critical resources remain protected and accessible only to authorized personnel.
Regulatory Confidence
These configurations align with best practices for cloud security and access control, supporting regulatory compliance (ISO27001/SOC2). This approach not only safeguards sensitive data but also builds trust with stakeholders and positions business for sustainable growth in highly regulated markets.
See our other case studies
Let’s Get In Touch
Reach out to 2Ops, and we’ll guide you through the process, answer all your questions, and provide expert support every step of the way.